EriZone – Security Advise

Posted by on May 31, 2017 in EriZone & OTRS | 0 comments

It was detected a vulnerability on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS, Erizone 3.x and EriZone 5.x systems

The severity of this vulnerability has been categorized with “high”.

To guarantee the security of your system, we recommend to disable the Installer.pm module.
Modify the file /opt/erizone/otrs/Kernel/Config.pm and insert following lines:

# Security FIX # WP 31.05.2017
delete $Self->{'Frontend::Module'}->{Installer};

This lines has to be inserted directly after the following code block:

# ----------------------------------------------- #
# fs root directory
# ----------------------------------------------- #

$Self->{Home} = '/opt/otrs';

Further information regarding this topic can be found on http://www.cvedetails.com/cve/CVE-2014-9324/

 


 

Technical details:

  • Date: 2017-05-30
  • Title: Installer Routine Vulnerability
  • Severity: High
  • Product: OTRS 3.2.* EriZone 3.* and EriZone 5.*
  • References: CVE-2017-9324
Read More

EriZone 5.1: Improved ticket printing functionality

Posted by on May 10, 2017 in EriZone & OTRS | 0 comments

The PDF printing functionality has been improved with the last version of EriZone 5.1. It is now possible to print to PDF all images and html included in the ticket. In this way the generated / printed PDF becomes a true copy of the original ticket that can be used in different offline scenarios.  For instance, sometimes it’s useful to have a hard (printed) copy of the ticket to hand in a report to meeting participants.

Here is a simple example of a welcome ticket composed of tree articles:

Improved Printing functionality in EriZone 5.1

Read More

EriZone 5.1: Service Catalogue Translation

Posted by on May 10, 2017 in EriZone & OTRS | 0 comments

The service catalogue is a focal point in ITIL, and often it is even the starting point for ITSM implementation. EriZone is an ITSM tool that fully supports Service Catalogue Management. With the recently released verion 5.1 of EriZone the service catalogue has become multilingual to face the requirements of multinational service providers and their customers.

EriZone 5.1 - Service Catalogue Translation 1

Fig.1. Multilingual Service Catalogue

Read More

Review: NetEye & EriZone User Group 2017 in Nürnberg

Posted by on Mar 28, 2017 in EriZone & OTRS, NetEye | 0 comments

Gruppenfoto klein

On the 23rd of this month, the NetEye and EriZone User Group in its German version took place on in the historic tramway depot “St. Peter” in Nuremberg. The event has been hosted by NetEye customer N-ERGIE Aktiengesellschaft.

Participants had the opportunity to exchange information and experiences with other customers and got insights to the latest product features with special focus on actual topics like IT-Security and Internet of Things.  They also actively participated in the definition of the NetEye and EriZone roadmaps.

Read More