31. 05. 2017 Luca Franzoi Service Management

EriZone – Sicherheitshinweis

Auf dem Agent-Interface der EriZone – OTRS Systeme wurde eine Sicherheitslücke entdeckt. Nachfolgendes gilt für alle OTRS Systeme, sowie EriZone 3.x und EriZone 5.x

Der Vulnerabilität wurde Wichtigkeit “hoch” zugewiesen.

Um die Sicherheit Ihres Systems zu garantieren, empfehlen wir Ihnen das Installer.pm Modul zu deaktivieren.
Ändern Sie dafür das File /opt/erizone/otrs/Kernel/Config.pm und fügen Sie folgende Zeilen ein:

# Security FIX # WP 31.05.2017
delete $Self->{'Frontend::Module'}->{Installer};

Diese Zeilen werden direkt nach dem folgenden Code-Block eingefügt:

# ----------------------------------------------- #
# fs root directory
# ----------------------------------------------- #

$Self->{Home} = '/opt/otrs';

Weitere Informationen zu diesem Thema finden Sie unter http://www.cvedetails.com/cve/CVE-2014-9324/

Technische Details:

  • Date: 2017-05-30
  • Title: Installer Routine Vulnerability
  • Severity: High
  • Product: OTRS 3.2.* EriZone 3.* and EriZone 5.*
  • References: CVE-2017-9324
Luca Franzoi

Luca Franzoi

Service & Support Engineer at Würth Phoenix

Author

Luca Franzoi

Latest posts by Luca Franzoi

05. 05. 2025 Unified Monitoring
How to Reduce Icinga 2 Log Verbosity, and Regularly Clean Them from Event Viewer
05. 02. 2025 AI, Uncategorized
Will AI Take Over the World?
14. 12. 2021 Bug Fixes, NetEye
NetEye 3 Logstash and Elasticsearch – Security Advisory
13. 03. 2020 Bug Fixes, Log Management, Log-SIEM, NetEye, Unified Monitoring
Bug discovered on NetEye module logmanagement and SIEM
14. 01. 2020 NetEye, Unified Monitoring
Using Nmap as an Import Source for NetEye 4
See All

Related Content

Tags: , ,

07. 07. 2025 Bug Fixes, NetEye

NetEye Security Advisory

Important: Elastic Stack security update (installed with SIEM) Type/Severity NetEye Product Security has rated this update as having a Critical security impact. Topic An update for the kibana package is now available for NetEye 4. Security Fix for NetEye 4.41 8.18.3_neteye3.79.1-1 CVSSv3.1: 9.9 Read More
14. 05. 2025 Bug Fixes, NetEye

NetEye Security Advisory

Important: Elastic Stack security update (installed with SIEM) Type/Severity NetEye Product Security has rated this update as having a Critical security impact. Topic An update for the kibana package is now available for NetEye 4. Security Fix for NetEye 4.41 8.17.6_neteye3.74.6-1 CVSSv3.1: 9.1(Critical) Read More
09. 05. 2025 Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: Grafana security update Type/Severity NetEye Product Security has rated this update as having a security impact of High Topic An update for the package grafana is now available for NetEye 4. Security Fix for NetEye 4.41 11.6.1_neteye3.27.1-1 For details on how Read More
17. 04. 2025 Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: Chromium security update Type/Severity NetEye Product Security has rated this update as having a security impact of Low Security Fix for NetEye 4.41 An update for the following packages is now available for NetEye 4: chromium to version 133.0.6943.141-1 Read More
03. 04. 2025 Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: Icingaweb2 Module Neteye security update Type/Severity NetEye Product Security has rated this update as having a security impact of Low Topic An update for the package icingaweb2-module-neteye is now available for NetEye 4. Security Fix for NetEye 4.41 1.164.2-1 For Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive