latest version: 0.8.8c
 
 Cacti (home)ForumsRepositoryDocumentation

Cacti: The complete RRDTool-based graphing solution.
 
Latest Files
cacti-0.8.8c.tar.gz...
cacti-0.8.8c.zip...

Information
What is Cacti?
Features
Changelog
Screen Shots

Downloads
Download Cacti
Official Patches

Spine (Cactid)
Information
Changelog
Download
Official Patches
Installation

Development
Road Map
SourceForge
SVN Repository
Browse SVN
Report a Bug

Support
Documentation
Forums
Mailing Lists
FAQ

Donate
Support Cacti
Contributers

Release Notes - 0.8.6f

Important Security Fixes

The PHP-Hardened Project has discovered three new critical security issues in Cacti. Full disclosures are linked below.

  • 032005: Cacti Multiple SQL Injection Vulnerabilities
  • 042005: Cacti Remote Command Execution Vulnerability
  • 052005: Cacti Authentication/Addslashes Bypass Vulnerability

It is highly recommended that all users upgrade immediately. For users whom are unable to upgrade, two different patches have been provided.

  • [Download]: For users of Cacti 0.8.6e
  • [Download]: For users of Cacti 0.8.6d using the Cacti 0.8.6e security patch.

Upgrade Notes

No SQL changes have been made in this release.

Changelog

security: Hardened PHP Project Advisory #042005 - Cacti Authentication/Addslashes Bypass Vulnerability
security: Hardened PHP Project Advisory #022005 - Cacti Multiple SQL Injection Vulnerabilities
security: Hardened PHP Project Advisory #032005 - Cacti Remote Command Execution Vulnerability
 
 
 
Copyright © 2004-2012 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.


PHP      RRDTool