1
Candidate: CVE-2009-4112
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4112
6
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain
7
privileges by modifying the "Data Input Method" for the "Linux - Get Memory
8
Usage" setting to contain arbitrary commands.
11
jdstrand> per Debian, not a security issue because the admin is expected to be
12
able to define such Data Input Methods.
14
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561339
20
upstream_cacti: needs-triage
21
dapper_cacti: ignored (reached end-of-life)
23
intrepid_cacti: needs-triage (reached end-of-life)