latest version: 1.1.28
 
 Cacti (home)ForumsDocumentation

Cacti: The complete RRDTool-based graphing solution.
 

Information
What is Cacti?
Features
Changelog

Downloads
Cacti
Spine

Development
Support Cacti
Report an Issue
GitHub

Support
Documentation
Forums
Mailing Lists
FAQ

Spine
Information
Changelog

Release Notes - 0.8.6f

Important Security Fixes

The PHP-Hardened Project has discovered three new critical security issues in Cacti. Full disclosures are linked below.

  • 032005: Cacti Multiple SQL Injection Vulnerabilities
  • 042005: Cacti Remote Command Execution Vulnerability
  • 052005: Cacti Authentication/Addslashes Bypass Vulnerability

It is highly recommended that all users upgrade immediately. For users whom are unable to upgrade, two different patches have been provided.

  • [Download]: For users of Cacti 0.8.6e
  • [Download]: For users of Cacti 0.8.6d using the Cacti 0.8.6e security patch.

Upgrade Notes

No SQL changes have been made in this release.

Changelog

security: Hardened PHP Project Advisory #042005 - Cacti Authentication/Addslashes Bypass Vulnerability
security: Hardened PHP Project Advisory #022005 - Cacti Multiple SQL Injection Vulnerabilities
security: Hardened PHP Project Advisory #032005 - Cacti Remote Command Execution Vulnerability
 
 
 
Copyright © 2004-2017 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.


PHP      RRDTool