Cacti 0.8.8d 发布,此版本包括一个重要的安全修复: 多个 XSS 和 SQL 注入漏洞 下载: cacti-0.8.8d.tar.gz cacti-0.8.8d.zip 更新日志 feature: Remove un-needed fonts and javascript files bug: Fixed SQL injection VN: JVN#78187936 / TN:JPCERT#98968540 bug#0002261: PHP 5.4.0 added new error_reporting variable, causing cacti to show errors bug#0002391: Odd Behaviour on ReIndex of Data Query Data bug#0002393: Broken thumbnail images for graph templates bug#0002402: Subtree must not have the same header as the parent header bug#0002474: CLI add_device.php dows not set availability_method correctly bug#0002449: The Save button does not work: Invalid html on page Console -> Cacti Settings: empty form tag bug#0002428: Fail to delete all data input items when removing more than 1000 data sources bug#0002439: Password with special character don't work with LDAP authentication bug#0002461: invalid bn with ldap and anonymous bind bug#0002465: Graph Export return empty CSV file bug#0002484: Incorrect SQL request in cli script repair_database.php bug#0002485: Broken pagenation on graph viewing bug#0002489: SNMP - Get Mounted Partitions using Re-index method of Index Count Changed causes recache event every time bug#0002490: Can not select page for multiple datasources per device bug#0002494: CSV export always shows last day bug#0002504: Data template search not functional bug#0002542: [FG-VD-15-017] Cacti Cross-Site Scripting Vulnerability Notification bug#0002543: Unable to switch pages within graphs_new.php due to invalid URL generation bug#0002544: Duplicate entry in $nav_url during list view bug#0002571: SQL Injection and Location header injection from cdef id CVE-2015-4342 bug#0002572: SQL injection in graph templates 更多内容请看发行说明。 Cacti 在英文中的意思是仙人掌的意思,Cacti是一套基于PHP,MySQL,SNMP及RRDTool开发的网络流量监测图形分析工具。它通过 snmpget来获取数据,使用 RRDtool绘画图形,而且你完全可以不需要了解RRDtool复杂的参数。它提供了非常强大的数据和用户管理功能,可以指定每一个用户能查看树状结 构、host以及任何一张图,还可以与LDAP结合进行用户验证,同时也能自己增加模板,功能非常强大完善。 下图是cacti运行的主界面 Cacti 架构图: Cacti 0.8.8d 发布,网络流量检测图形分析工具下载地址
