網絡流量檢測圖形分析工具,Cacti 0.8.8d 發布
Cacti 在英文中的意思是仙人掌的意思,Cacti是一套基于PHP,MySQL,SNMP及RRDTool開發的網絡流量監測圖形分析工具。它通過 snmpget來獲取數據,使用 RRDtool繪畫圖形,而且你完全可以不需要了解RRDtool復雜的參數。它提供了非常強大的數據和用戶管理功能,可以指定每一個用戶能查看樹狀結 構、host以及任何一張圖,還可以與LDAP結合進行用戶驗證,同時也能自己增加模板,功能非常強大完善。
下圖是cacti運行的主界面
Cacti 架構圖:
-
多個 XSS 和 SQL 注入漏洞
下載:
更新日志
feature: Remove un-needed fonts and javascript files
bug: Fixed SQL injection VN: JVN#78187936 / TN:JPCERT#98968540
bug#0002261: PHP 5.4.0 added new error_reporting variable, causing cacti to show errors
bug#0002391: Odd Behaviour on ReIndex of Data Query Data
bug#0002393: Broken thumbnail images for graph templates
bug#0002402: Subtree must not have the same header as the parent header
bug#0002474: CLI add_device.php dows not set availability_method correctly
bug#0002449: The Save button does not work: Invalid html on page Console -> Cacti Settings: empty form tag
bug#0002428: Fail to delete all data input items when removing more than 1000 data sources
bug#0002439: Password with special character don't work with LDAP authentication
bug#0002461: invalid bn with ldap and anonymous bind
bug#0002465: Graph Export return empty CSV file
bug#0002484: Incorrect SQL request in cli script repair_database.php
bug#0002485: Broken pagenation on graph viewing
bug#0002489: SNMP - Get Mounted Partitions using Re-index method of Index Count Changed causes recache event every time
bug#0002490: Can not select page for multiple datasources per device
bug#0002494: CSV export always shows last day
bug#0002504: Data template search not functional
bug#0002542: [FG-VD-15-017] Cacti Cross-Site Scripting Vulnerability Notification
bug#0002543: Unable to switch pages within graphs_new.php due to invalid URL generation
bug#0002544: Duplicate entry in $nav_url during list view
bug#0002571: SQL Injection and Location header injection from cdef id CVE-2015-4342
bug#0002572: SQL injection in graph templates
更多內容請看發行說明。
來自:http://www.oschina.net/news/63249/cacti-0-8-8-d