Overview I think there are different ways companies use to achieve the purpose of making their own software more secure, for example paying other dedicated companies to do penetration tests. Our approach was the same, initially…the most obvious problems were found and fixed. But there was something we weren’t buying. We weren’t satisfied, we knew…
Read MoreIntro This post continues the analysis of a bug I had to deal with recently. If you missed the first part, I suggest you go take a look at it before continuing with this. If, on the other hand, you’ve been anxiously waiting for this post XD, we’re ready to get into the thick of…
Read MoreIntro In this post I’d like to explain the technique I chose to discover the cause of a bug I recently worked on, and why I made certain choices, given the not-so-common circumstances: part of a GUI I was debugging stopped working. It depended on third-party code and was therefore largely unfamiliar to me. Another…
Read MoreSynopsis Important: Multiple Security updates for NetEye 4 Type/Severity Security Advisory: Critical Topic Wuerth Phoenix has released some Critical Patches (CPs) for NetEye 4. These CPs resolve multiple vulnerabilities related to SQL injections, Cross Site Scripting and an unauthenticated remote command execution (RCE) exploit. Description GLPI was affected by: [Critical] RCE using a third-party library script…
Read MoreWe updated NagVis to the latest bug fix. For NetEye 4.23 we updated the following packages: nagvis and nagvis-autosetup to version 1.9.31_neteye1.6.1-1
Read MoreWe fixed a bug in the SLM Resource Reports, where in random Grafana dasboards panels were not rendered correctly. For NetEye 4.20 we updated the following packages: grafana-panel-renderer to version 1.2.1-1
Read MoreWe fix a userguide bug about the procedure to migrate the Nats Server to a supported configuration. For NetEye 4.19 we updated the following packages: nats-server and nats-server-autosetup to version 2.1.7_neteye1.12.1-1
Read MoreWe fixed some bugs in the Geo Map layers configuration form. For NetEye 4.19 we updated the following packages: icingaweb2-module-geomap, icingaweb2-module-geomap-autosetup to version 1.10.1-1
Read MoreWe fixed a bug in the core libraries. For NetEye 4.19 we updated the following packages: neteye-setup to version 1.74.1-1
Read MoreWith this bugfix, we disabled the SSL v3 and the TLS v1.0 protocols for the incoming connections on port 443 (HTTPS). For NetEye 4.18 we updated the following packages: httpd-neteye-config, httpd-neteye-config-autosetup to version 1.9.1-1
Read MoreWith this bugfix release, we fixed a problem related to the Elastic Blockchain Proxy with a large amount of indexed logs. For NetEye 4.18 we updated the following packages: elastic-blockchain-proxy and elastic-blockchain-proxy-autosetup to version 0.15.2-1
Read MoreWe have fixed the link to the 4.18 upgrade userguide. For NetEye 4.17 we updated the following packages: icingaweb2-module-update and icingaweb2-module-update-autosetup to version 1.17.1-1
Read MoreWe fixed a bug in GLPI that solves security issues and bugs. For NetEye 4.17 we updated the following packages: glpi, glpi-neteye-config and glpi-autosetup to version 9.5.5_neteye1.9.4-1
Read MoreWe fixed a bug in GLPI that allowed a possible SQL injection attack. For NetEye 4.17 we updated the following packages: glpi, glpi-neteye-config and glpi-autosetup to version 9.5.2_neteye1.9.4-1 icingaweb2-module-assetmanagement and icingaweb2-module-assetmanagement-autosetup to version 1.21.0-2
Read MoreUse Case Suppose we want to trigger Fusion Inventory execution in a GLPI installation, where we can then use the Autonomous mode to import data into GLPI via a CURL request. Let’s see how JWT (JSON Web Token) can help us in NetEye 4.15. Prerequisites A NetEye 4.15 (or later) installation with the Asset module…
Read More