latest version: 0.8.8b
 
 Cacti (home)ForumsRepositoryDocumentation

Cacti: The complete RRDTool-based graphing solution.
 
Latest Files
cacti-0.8.8b.tar.gz...
cacti-0.8.8b.zip...

Information
What is Cacti?
Features
Changelog
Screen Shots

Downloads
Download Cacti
Official Patches
Additional Scripts

Spine (Cactid)
Information
Changelog
Download
Official Patches
Installation

Development
Road Map
SourceForge
SVN Repository
Browse SVN
Report a Bug

Support
Documentation
Forums
Mailing Lists
FAQ

Donate
Support Cacti
Contributers

Release Notes - 0.8.6f

Important Security Fixes

The PHP-Hardened Project has discovered three new critical security issues in Cacti. Full disclosures are linked below.

  • 032005: Cacti Multiple SQL Injection Vulnerabilities
  • 042005: Cacti Remote Command Execution Vulnerability
  • 052005: Cacti Authentication/Addslashes Bypass Vulnerability

It is highly recommended that all users upgrade immediately. For users whom are unable to upgrade, two different patches have been provided.

  • [Download]: For users of Cacti 0.8.6e
  • [Download]: For users of Cacti 0.8.6d using the Cacti 0.8.6e security patch.

Upgrade Notes

No SQL changes have been made in this release.

Changelog

security: Hardened PHP Project Advisory #042005 - Cacti Authentication/Addslashes Bypass Vulnerability
security: Hardened PHP Project Advisory #022005 - Cacti Multiple SQL Injection Vulnerabilities
security: Hardened PHP Project Advisory #032005 - Cacti Remote Command Execution Vulnerability
 
 
 
Copyright © 2004-2012 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.


PHP      RRDTool