latest version: 0.8.8f
 Cacti (home)ForumsRepositoryDocumentation

Cacti: The complete RRDTool-based graphing solution.
Latest Files

What is Cacti?
Screen Shots

Download Cacti
Official Patches

Spine (Cactid)
Official Patches

Road Map
SVN Repository
Browse SVN
Report a Bug

Mailing Lists

Support Cacti

Release Notes - 0.8.7g

Important Security Fixes

  • SQL injection and shell escaping issues reported by Bonsai Information Security (
  • MOPS-2010-023: Cacti Graph Viewer SQL Injection Vulnerability (
  • Cross-site scripting issues reported by VUPEN Security (
  • Cross-site scripting issues reported by Red Hat Security Response Team

Important Bug Fixes and Features

There are quite a few bug fixes in the 0.8.7g release. Some highlights include:

  • Fixed various issues with exporting and importing templates that contain special characters
  • Fixed condition that could cause RRDtool to segfault
  • Many fixes to html generation and presentation

Important Notices

  • Boost 4.0 Plugin is required to work with Cacti 0.8.7g


bug: RRDTool 1.4.x not recognized during installation
bug: Implement windows-aware shell escaping
bug: Fixed multiple cross site scripting vulnerabilities reported by Tomas Hoger of the Red Hat Security Response Team
bug#0001292: Over 8TByte Partition in Windows cant get correct data from snmp
bug#0001486: Unable to login after redirection to access denied page
bug#0001516: "Show the page that user pointed their browser" does not seem to work
bug#0001561: Over zelous HTML excaping on filter strings
bug#0001575: LDAP-Authentifications does not work due to ldap_host being set incorrect
bug#0001587: Feature from bug#0001271 breaks on large values
bug#0001607: Web Basic authentication does not work with fastcgi
bug#0001620: Max OID's max value reported incorrectly in Web UI
bug#0001747: oid_suffix do not work correctly for input direction on data queries
bug#0001756: Alternate font styles do not work correctly
bug#0001763: Unable to add graph permissions on a user
bug#0001757: LDAP realm authentication outputs warning for undefined index
bug#0001765: Tech support does not work correctly with RRDTool 1.4.x
bug#0001766: Page refresh setting not being honored
bug#0001771: "index count changed" not implemented for,,, ss_host_cpu.php and ss_host_disk.php
bug#0001773: Character encoding problem after upgrade to 0.8.7f
bug#0001775: Tech support page does account for no memory limit set for PHP
bug#0001776: Simultaneous databases connections are not supported
Copyright © 2004-2012 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.

PHP      RRDTool