Blog Entries

14. 12. 2021 Luca Franzoi Bug Fixes, NetEye

NetEye 3 Logstash and Elasticsearch – Security Advisory

Synopsis Important: Elasticsearch and Logstash security mitigation Type/Severity Security Advisory: Important Topic A mitigation for Logstash and Elasticsearch is now available for NetEye 3. NetEye Product Security has rated this mitigation as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for…

Read More
13. 03. 2020 Luca Franzoi Bug Fixes, Log Management, Log-SIEM, NetEye, Unified Monitoring

Bug discovered on NetEye module logmanagement and SIEM

A bug has been discovered on NetEye modules logmanagement and SIEM. If affected, rsyslog directories on system might be created with wrong permissions causing Logstash to be unable to load log lines of some hosts inside Elasticsearch. Users might also receive an error message trying to check signatures for some hosts inside Logmanager Log Check….

Read More
14. 01. 2020 Luca Franzoi NetEye, Unified Monitoring

Using Nmap as an Import Source for NetEye 4

Depending on your network configuration it might be useful to import reachable devices in NetEye 4. This operation can be accomplished using the Nmap tool (already installed on your machine) and an Icingaweb module. Follow these steps to install the module: Download the archive from here Put the contents of the archive in the NetEye…

Read More
10. 12. 2019 Luca Franzoi Downloads / Release Notes, ITOA, NetEye, Unified Monitoring

Grafana User Management Deprecation in NetEye 4.10

A manual user configuration migration is required before upgrading to 4.10. Starting in version 4.9, NetEye supports Grafana user management, which is completely integrated into NetEye via its existing roles mechanism. NetEye administrators can create new roles that map to Grafana roles (admin, editor or viewer) at the level of organizations and teams. NetEye users must then be…

Read More
03. 09. 2019 Luca Franzoi Bug Fixes, NetEye

Security Fix for NetEye 3.17

A vulnerability has been detected on the Nagios web interface. Attackers may exploit this vulnerability to gain access to sensitive information or crash the affected application, denying service to legitimate users. To guarantee the security of your system, we recommend applying last released patch: neteye-3.12.1-3.5.1p8.nagios.1.x86_64.rpm . Update your system using following commands: yum clean all…

Read More
27. 11. 2017 Luca Franzoi Service Management

EriZone – Security Advisory

A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a Code injection in Kernel/System/Spelling.pm and is classified with a severity of 8.6 (high). To guarantee the security of your system,…

Read More
27. 11. 2017 Luca Franzoi Service Management

EriZone – Security Advisory

A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a Code injection in Kernel/System/Spelling.pm and is classified with a severity of 8.6 (high). To guarantee the security of your system,…

Read More
27. 11. 2017 Luca Franzoi Service Management

EriZone – Security Advisory

A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a Code injection in Kernel/System/Spelling.pm and is classified with a severity of 8.6 (high). To guarantee the security of your system,…

Read More
21. 09. 2017 Luca Franzoi Service Management

Erizone – Avviso di sicurezza

È stata scoperta una vulnerabilità nell’interfaccia agente dei sistemi EriZone – OTRS che coinvolge tutti i sistemi OTRS 3.3.*, Erizone 3.x ed Erizone 5.x. Tale vulnerabilità sfrutta una falla nel sistema di statistiche lato agente e gli è stata assegnata una criticità di livello alto. Al fine di garantire la sicurezza del sistema è consigliabile…

Read More
21. 09. 2017 Luca Franzoi Service Management

EriZone – Security Advisory

A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a hole in agent statistics module and has been classified with a “high” risk. To guarantee the security of your system,…

Read More
21. 09. 2017 Luca Franzoi Service Management

EriZone – Security Advisory

A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a hole in agent statistics module and has been classified with a “high” risk. To guarantee the security of your system,…

Read More
31. 05. 2017 Luca Franzoi Service Management

EriZone – Avviso di sicurezza

È stata scoperta una vulnerabilità nell’interfaccia agente dei sistemi EriZone – OTRS che coinvolge tutti i sistemi OTRS, Erizone 3.x e Erizone 5.x. A tale vulnerabilità è stata assegnata una criticità di livello alto. Al fine di garantire la sicurezza del sistema è consigliabile de-registrare il modulo Installer.pm. Per farlo sarà sufficiente editare il file…

Read More
31. 05. 2017 Luca Franzoi Service Management

EriZone – Security Advise

It was detected a vulnerability on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS, Erizone 3.x and EriZone 5.x systems The severity of this vulnerability has been categorized with “high”. To guarantee the security of your system, we recommend to disable the Installer.pm module. Modify the file /opt/erizone/otrs/Kernel/Config.pm…

Read More
31. 05. 2017 Luca Franzoi Service Management

EriZone – Sicherheitshinweis

Auf dem Agent-Interface der EriZone – OTRS Systeme wurde eine Sicherheitslücke entdeckt. Nachfolgendes gilt für alle OTRS Systeme, sowie EriZone 3.x und EriZone 5.x Der Vulnerabilität wurde Wichtigkeit “hoch” zugewiesen. Um die Sicherheit Ihres Systems zu garantieren, empfehlen wir Ihnen das Installer.pm Modul zu deaktivieren. Ändern Sie dafür das File /opt/erizone/otrs/Kernel/Config.pm und fügen Sie folgende…

Read More

Archive