Branch: refs/heads/2.1.0
Home: https://github.com/Checkmk/checkmk
Commit: 6c772598aac4018077fadeb0c38b94381cafb27f
https://github.com/Checkmk/checkmk/commit/6c772598aac4018077fadeb0c38b94381…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2024-02-27 (Tue, 27 Feb 2024)
Changed paths:
A .werks/16361
Log Message:
-----------
16361 SEC Privilege escalation in Windows agent
In order to execute some system commands, the Checkmk Windows agent writes cmd files to `C:\Windows\Temp\` and afterwards executes them.
The permissions of the files were set restrictively, but existing files were not properly handled.
If a cmd file already existed and was write-protected, the agent was not able to rewrite the file but did not handle this case and executed the file nevertheless.
We thank Michael Baer (SEC Consult Vulnerability Lab) for reporting this issue.
**Affected Versions**:
* 2.2.0
* 2.1.0
* 2.0.0
**Indicators of Compromise**:
The filename of the cmd file needed to be guessed, therefore the proof-of-concept creates a lot of files in `C:\Windows\Temp` with the filename `cmk_all_\d+_1.cmd`.
These file-creation events could be monitored.
**Vulnerability Management**:
We have rated the issue with a CVSS Score of 8.8 (High) with the following CVSS vector:
`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`.
We assigned CVE-2024-0670 to this vulnerability.
**Changes**:
This Werk changes the temp folder and adds a subfolder with more restrictive permissions in which the files are created.
Also errors are handled better.
Change-Id: I9b6b6dbe68d638c9e0dcf127646783d15f1df589
To unsubscribe from these emails, change your notification settings at https://github.com/Checkmk/checkmk/settings/notifications
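
The file-creation monitoring suggested under "Indicators of Compromise" can be sketched as follows. This is an added example, not part of the commit message or the Checkmk code base. It assumes file-creation events exported as dictionaries using Sysmon Event ID 11 (FileCreate) field names; the threshold of 20 files within 60 seconds, the account names and the sample events are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Filename pattern from the advisory, anchored to C:\Windows\Temp.
# Windows paths are case-insensitive, so the match is too.
IOC = re.compile(r"^C:\\Windows\\Temp\\cmk_all_\d+_1\.cmd$", re.IGNORECASE)

def find_bursts(events, threshold=20, window=timedelta(seconds=60)):
    """Return {user: peak count of distinct IoC files created inside one window}
    for every user whose peak reaches `threshold` (assumed tuning values)."""
    per_user = defaultdict(list)
    for ev in events:
        if IOC.match(ev["TargetFilename"]):
            ts = datetime.strptime(ev["UtcTime"], "%Y-%m-%d %H:%M:%S.%f")
            per_user[ev["User"]].append((ts, ev["TargetFilename"].lower()))
    alerts = {}
    for user, hits in per_user.items():
        hits.sort()
        start, best = 0, 0
        for end in range(len(hits)):
            # Shrink the window from the left until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            best = max(best, len({name for _, name in hits[start:end + 1]}))
        if best >= threshold:
            alerts[user] = best
    return alerts

def make_event(second, millis, user, filename):
    """Build one constructed event with Sysmon FileCreate field names."""
    return {"UtcTime": f"2024-01-01 10:00:{second:02d}.{millis:03d}",
            "User": user, "TargetFilename": filename}

# Constructed sample data: one low-privileged account creating 40 guessed names
# within four seconds, one matching file created by SYSTEM, one unrelated file.
SAMPLE = [make_event(i // 10, (i % 10) * 100, r"HOST\lowpriv",
                     rf"C:\Windows\Temp\cmk_all_{1000 + i}_1.cmd") for i in range(40)]
SAMPLE.append(make_event(5, 0, r"NT AUTHORITY\SYSTEM",
                         r"C:\Windows\Temp\cmk_all_4242_1.cmd"))
SAMPLE.append(make_event(6, 0, r"HOST\lowpriv", r"C:\Windows\Temp\notes.txt"))

if __name__ == "__main__":
    print(find_bursts(SAMPLE))
```

Grouping by the creating account keeps a single matching file from one account below the alert threshold while a burst of distinct guessed names from another account stands out.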
Branch: refs/heads/2.2.0
Home: https://github.com/Checkmk/checkmk
Commit: 22de8967ee57635f022996260036f7059c359d77
https://github.com/Checkmk/checkmk/commit/22de8967ee57635f022996260036f7059…
Author: Maximilian Wirtz <maximilian.wirtz(a)checkmk.com>
Date: 2024-02-27 (Tue, 27 Feb 2024)
Changed paths:
A .werks/16361
Log Message:
-----------
16361 SEC Privilege escalation in Windows agent
In order to execute some system commands, the Checkmk Windows agent writes cmd files to `C:\Windows\Temp\` and afterwards executes them.
The permissions of the files were set restrictively, but existing files were not properly handled.
If a cmd file already existed and was write-protected, the agent was not able to rewrite the file but did not handle this case and executed the file nevertheless.
We thank Michael Baer (SEC Consult Vulnerability Lab) for reporting this issue.
**Affected Versions**:
* 2.2.0
* 2.1.0
* 2.0.0
**Indicators of Compromise**:
The filename of the cmd file needed to be guessed, therefore the proof-of-concept creates a lot of files in `C:\Windows\Temp` with the filename `cmk_all_\d+_1.cmd`.
These file-creation events could be monitored.
**Vulnerability Management**:
We have rated the issue with a CVSS Score of 8.8 (High) with the following CVSS vector:
`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`.
We assigned CVE-2024-0670 to this vulnerability.
**Changes**:
This Werk changes the temp folder and adds a subfolder with more restrictive permissions in which the files are created.
Also errors are handled better.
Change-Id: I9b6b6dbe68d638c9e0dcf127646783d15f1df589
Branch: refs/heads/2.3.0
Home: https://github.com/Checkmk/checkmk
Commit: 5973d674a775d5b4fb89907452f3920afe5bc8d4
https://github.com/Checkmk/checkmk/commit/5973d674a775d5b4fb89907452f3920af…
Author: Andreas Umbreit <andreas.umbreit(a)checkmk.com>
Date: 2024-02-27 (Tue, 27 Feb 2024)
Changed paths:
M packages/check-http/src/checks.rs
M packages/check-http/src/output.rs
M packages/check-http/src/runner.rs
M packages/check-http/tests/test_http.rs
Log Message:
-----------
check_http: Reformat output
- Separate Method and version output
- Output of initial and final (if redirected) URLs
- Remove redundant leading "HTTP <State>" Output
CMK-16160
Change-Id: I9fa995bfd79fe1b58374553fa9719e77139a6cc2
Branch: refs/heads/master
Home: https://github.com/Checkmk/checkmk
Commit: 9d1743bbbf3d100127fef5ed046d6c38542c76d2
https://github.com/Checkmk/checkmk/commit/9d1743bbbf3d100127fef5ed046d6c385…
Author: Frans Fürst <frans.fuerst(a)checkmk.com>
Date: 2024-02-27 (Tue, 27 Feb 2024)
Changed paths:
M omd/packages/python3-modules/python3-modules.make
Log Message:
-----------
Python modules/source deploy: fix invalid pyc files: quick fix
Instead of consistently creating all needed pyc files at the correct place, this fix 'repairs' the
pyc files after the Bazel build.
Will vanish with the real fix.
Change-Id: I05852b987965b3eb7fb9108b37334d5a72234c05