The latest version of NMIS can be downloaded from the Opmantek.com Download Page
| Table of Contents |
|---|
NMIS 8.5.12G
This version of NMIS was released on 8 June 2016. It fixes two security issues and contains a number of (mostly minor) improvements and bug fixes.
Highlights for the 8.5.12G release
- A number of XSS vulnerabilities (Cross-Site Scripting) were fixed.
None of these were exploitable without being logged in, and being an administrator of NMIS or one of the devices monitored. - A command-injection vulnerability in the Tools module was fixed.
This was not exploitable with the default configuration, as the respective command (finger) isn't enabled. - All inputs from SNMP or log files or user-editable node configuration items are now safeguarded against XSS.
- NMIS now ships with the automatic model upgrade tool integrated into the upgrade process.
- NMIS can now lock out accounts after a number of consecutive failed logins. This feature is not enabled by default.
- Various robustness improvements in the installer.
- Various minor scalability improvements in the NMIS polling core.
NMIS 8.5.10G
This version of NMIS is scheduled for release on 7 September 2015.
...