latest version: 1.2.1
 Cacti (home)ForumsDocumentation

Cacti: The complete RRDTool-based graphing solution.

What is Cacti?


Support Cacti
Report an Issue

Mailing Lists


Release Notes - 0.8.6j

Important Security Fixes

Multiple security vulnerabilities have been discovered in Cacti's PHP-based poller. See below for additional information.

  • CVE-2006-6799: Cacti Command Execution and SQL Injection Vulnerabilities

It is highly recommended that all users upgrade immediately. For users whom are unable to upgrade, two different patches have been provided.

Important Bug Fixes

A few minor bugs have been fixed in this release. See the changelog below for complete details.

Upgrade Notes

No SQL changes have been made in this release.


bug#0000842: SNMPv3 password field does not check if entered passwords match.
bug#0000848: Fix "PHP Script Server communications lost" error in the poller under high network load.
bug#0000859: User log "purge" now keeps the last successful login.
bug#0000861: Use downed host detection even when the SNMP community is blank.
bug#0000864: Apply natural sort to graph items in the tree.
bug#0000867: Apply various cleanups to poller.php and lib/poller.php.
bug#0000870: Add sorting to the graph templates list on the "Change Graph Template" page.
bug#0000877: Fix issue that caused PHP 5.2.0 to break the Windows cmd.php poller.
bug#0000882: Add "collapsible" branches to the graph tree editor.
bug#0000883: Fix exploit in cmd.php with register_argc_argv enabled in PHP.
bug#0000884: Add bottom navigation bar to graph viewing.
bug#0000885: Fix issue causing spaces to be removed when importing/exporting data input methods.
bug#0000886: Allow SNMP ping to utilize the snmpgetnext call instead of snmpget.
bug#0000890: Fix issue with dec-vulnerability-poller patch breaking graph_view.php.
bug#0000892: Fix hostname sorting on the devices page for IP addresses.
bug#0000894: poller.php does not give any output with MySQL disabled in CLI's php.ini.
bug: Template export produces invalid XML escaped character encoding.
bug: Data queries were not sorted properly during initial display.
bug: Apply various graph changes required for Boost plugin.
bug: If your system has no hosts or graphs, you would get a warning when creating new graphs.
bug: If using the CGI version of PHP, the script server risked not starting properly.
Copyright © 2004-2019 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.

PHP      RRDTool