Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code.
|Package||net-analyzer/cacti on all architectures|
|Affected versions||< 1.1.20|
|Unaffected versions||>= 1.1.20|
Cacti is a complete frontend to rrdtool.
Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details.
Remote attackers could execute arbitrary code or bypass intended access restrictions.
There is no known workaround at this time.
All Cacti users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/cacti-1.1.20:1.1.20"