Checkmk werks level1

checkmk-werks-lvl1@lists.checkmk.com

1 participants
15936 discussions

[2.2.0] Checkmk Werk 16511 created: Let cmcdump handle semicolons in plugin output

by Checkmk werks level 1

Title: Let cmcdump handle semicolons in plugin output Class: fix Compatible: compat Component: multisite Date: 1708522742 Edition: cee Level: 1 Version: 2.2.0p23 cmcdump would not handle semicolons correctly, leading to garbled or incomplete output and spurious errors. This has been fixed by escaping semicolons in cmcdump and unescaping them in livestatus.

7 months

[2.4.0] Checkmk Werk 16172 created: kaspersky_av: Don't run kav4fs-control or kesl-control if they aren't owned by root

by Checkmk werks level 1

[//]: # (werk v2) # kaspersky_av: Don't run kav4fs-control or kesl-control if they aren't owned by root key | value ---------- | --- date | 2024-02-27T09:14:50+00:00 version | 2.4.0b1 class | security edition | cre component | checks level | 1 compatible | yes Kaspersky Anti-Virus plugin uses /opt/kaspersky/kav4fs/bin/kav4fs-control and /opt/kaspersky/kesl/bin/kesl-control commands to monitor a Kaspersky Anti-Virus installation. To prevent privilege escalation, the plugin (which is run by root user) must not run executables which can be changed by less privileged users. In the default installation, kav4fs-control and kesl-control commands are owned by root and root is the only user with write permissions, which prevents privilege escalation attacks. With this Werk, the plugin checks if control commands are owned by root and root is the only user with write permissions before running the command. If that's not the case the commands won't be run. This prevents privilege escalation attacks if the permissions of the control commands have been changed. We rate this with a CVSS of 0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N). This CVSS is primarily meant to please automatic scanners.

7 months

[2.4.0] Checkmk Werk 15725 created: Cleanup old Microcore config during update procedure

by Checkmk werks level 1

[//]: # (werk v2) # Cleanup old Microcore config during update procedure key | value ---------- | --- date | 2024-02-27T09:23:01+00:00 version | 2.4.0b1 class | fix edition | cre component | core level | 1 compatible | yes This change prevents a problem which might occur in case the `omd update` did not finish successfully. In this situation, the Microcore might be started with a configuration file from the previous version. This could lead to unexpected behavior. Instead of keeping the old configuration, the update procedure now deletes the file which makes the Microcore fail during startup with a more helpful error message.

7 months

[2.4.0] Checkmk Werk 16361 created: Privilege escalation in Windows agent

by Checkmk werks level 1

[//]: # (werk v2) # Privilege escalation in Windows agent key | value ---------- | --- compatible | yes version | 2.4.0b1 date | 2024-02-26T14:44:18+00:00 level | 1 class | security component | checks edition | cre In order to execute some system commands Checkmk Windows agent writes cmd files to `C:\Windows\Temp\` and afterwards executes them. The permissions of the files were set restrictive but existing files were not properly handled. If a cmd file already existed and was write protected the agent was not able to rewrite the file but did not handle this case and executed the file nevertheless. We thank Michael Baer (SEC Consult Vulnerability Lab) for reporting this issue. **Affected Versions**: * 2.2.0 * 2.1.0 * 2.0.0 **Indicators of Compromise**: The filename of the cmd file needed to be guessed therefore the proof-of-concept creates a lot of files in `C\Windows\Temp` with the filename `cmk_all_\d+_1.cmd`. These file-creation events could be monitored. **Vulnerability Management**: We have rated the issue with a CVSS Score of 8.8 (High) with the following CVSS vector: `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`. We assigned CVE-2024-0670 to this vulnerability. **Changes**: This Werk changes the temp folder and adds a subfolder with more restrictive permissions in which the files are created. Also errors are handled better.

7 months

[2.4.0] Checkmk Werk 16530 created: Make EC UPDATE command use a list of events

by Checkmk werks level 1

[//]: # (werk v2) # Make EC UPDATE command use a list of events key | value ---------- | --- date | 2024-02-26T14:48:45+00:00 version | 2.4.0b1 class | fix edition | cee component | ec level | 1 compatible | yes Event Console UPDATE command accepts a list of events instead of a single event. With this change the GUI will send a list of events to be updated to the Event Console. This allows for multiple events to be updated in a single command. Avoids the situation where some events are updated and others are not.

7 months

[2.4.0] Checkmk Werk 16015 created: ldap & saml: resolve error when connection config is edited or created

by Checkmk werks level 1

[//]: # (werk v2) # ldap & saml: resolve error when connection config is edited or created key | value ---------- | --- compatible | yes version | 2.4.0b1 date | 2023-07-28T08:14:29+00:00 level | 1 class | fix component | wato edition | cme Prior to this werk, Checkmk raised an error in the following cases: * when the user attempted to create a LDAP connection with a config with the customer option set to "Global" * when the user attempted to change a LDAP connection config with the customer option set to "Global" * when the user attempted to create a SAML connection config * when the user attempted to delete an existing SAML connection config This werk resolves these issues and Checkmk will not throw an error anymore.

7 months

[2.4.0] Checkmk Werk 16500 created: service_discovery: allow discovery on fresh remote host

by Checkmk werks level 1

[//]: # (werk v2) # service_discovery: allow discovery on fresh remote host key | value ---------- | --- compatible | yes version | 2.4.0b1 date | 2024-02-22T16:55:08+00:00 level | 1 class | fix component | rest-api edition | cre The werk 16465 addressed a problem that prevented fetching information about the service discovery background job on a remote site. However, this solution introduced a new limitation, disallowing the execution of discovery in 'refresh' and 'tabula_rasa' modes for newly created hosts on remote sites. This werk successfully resolves this subsequent issue.

7 months

[2.2.0] Checkmk Werk 16369 created: downtimes: Added service_description field to services downtimes

by Checkmk werks level 1

Title: downtimes: Added service_description field to services downtimes Class: feature Compatible: compat Component: rest-api Date: 1708440732 Edition: cre Level: 1 Version: 2.2.0p23 When querying downtimes through the "show all downtimes" endpoint, the service_description field for service downtimes was not included. This werk introduces this field, which is not present in the host downtimes.

7 months

[2.2.0] Checkmk Werk 16500 created: service_discovery: allow discovery on fresh remote host

by Checkmk werks level 1

Title: service_discovery: allow discovery on fresh remote host Class: fix Compatible: compat Component: rest-api Date: 1708620908 Edition: cre Level: 1 Version: 2.2.0p23 The werk 16465 addressed a problem that prevented fetching information about the service discovery background job on a remote site. However, this solution introduced a new limitation, disallowing the execution of discovery in 'refresh' and 'tabula_rasa' modes for newly created hosts on remote sites. This werk successfully resolves this subsequent issue.

7 months

[2.2.0] Checkmk Werk 16339 created: mtr: Fix section parsing error

by Checkmk werks level 1

Title: mtr: Fix section parsing error Class: fix Compatible: compat Component: checks Date: 1708900251 Edition: cre Level: 1 Version: 2.2.0p23 When the mtr section contained a line that started with <code><strong>ERROR</strong></code>, the parsing of the section failed. This has now been fixed. The lines starting with <code><strong>ERROR</strong></code> will be ignored.

7 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk werks level1