Cacti 0.8.8e 發布,網絡流量檢測圖形分析工具
Cacti 在英文中的意思是仙人掌的意思,Cacti是一套基于PHP,MySQL,SNMP及RRDTool開發的網絡流量監測圖形分析工具。它通過 snmpget來獲取數據,使用 RRDtool繪畫圖形,而且你完全可以不需要了解RRDtool復雜的參數。它提供了非常強大的數據和用戶管理功能,可以指定每一個用戶能查看樹狀結 構、host以及任何一張圖,還可以與LDAP結合進行用戶驗證,同時也能自己增加模板,功能非常強大完善。
下圖是cacti運行的主界面
-
多個 XSS 和 SQL 注入漏洞
-
CVE-2015-4634 - graphs.php 上的 SQL 注入
更新日志:
bug: Fixed issue with graph zooming failing to work
bug: Fixed various SQL Injection vectors
bug#0002569: Impossible to have a URL pointing directly to a graph
bug#0002574: SQL Injection Vulnerabilities in graph items and graph template items
bug#0002577: CVE-2015-4634 - SQL injection in graphs.php
bug#0002579: SQL Injection Vulnerabilities in data sources
bug#0002580: SQL Injection in cdef.php
bug#0002582: SQL Injection in data_templates.php
bug#0002583: SQL Injection in graph_templates.php
bug#0002584: SQL Injection in host_templates.php
bug#0002586: Cannot delete data sources from the GUI
bug#0002592: graph_view.php - viewing host in new tab - Undefined index: nodeid
bug#0002594: status_fail_date and status_rec_date are set incorrectly after host is marked down
bug#0002597: Incorrect value in Hosts column on Host Templates page
bug#0002598: Incorrect row number in Devices -> (Edit) page