70 matches found
openSUSE Security Advisory (openSUSE-SU-2024:0371-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2024:0372-1 Security update for icinga2
This update for icinga2 fixes the following issues: Update to 2.13.10: - CVE-2024-49369: Fix TLS certificate validation bypass bsc1233310...
OPENSUSE-SU-2024:0371-1 Security update for icinga2
This update for icinga2 fixes the following issues: Update to 2.13.10: - CVE-2024-49369: Fix TLS certificate validation bypass bsc1233310...
Security update for icinga2 (important)
openSUSE Security Update: Security update for icinga2 Announcement ID: openSUSE-SU-2024:0371-1 Rating: important References: 1233310 Cross-References: CVE-2024-49369 CVSS scores: CVE-2024-49369 SUSE: 10 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Affected Products: openSUSE...
Security update for icinga2 (important)
openSUSE Security Update: Security update for icinga2 Announcement ID: openSUSE-SU-2024:0372-1 Rating: important References: 1233310 Cross-References: CVE-2024-49369 CVSS scores: CVE-2024-49369 SUSE: 10 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Affected Products: openSUSE...
Debian: Security Advisory (DLA-3953-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-3953-1 icinga2 - security update
Bulletin has no description...
icinga2-2.14.3-1.1 on GA media (moderate)
icinga2-2.14.3-1.1 on GA media Announcement ID: openSUSE-SU-2024:14493-1 Rating: moderate Cross-References: CVE-2024-49369 CVSS scores: CVE-2024-49369 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2024-49369 SUSE : 10 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H...
OPENSUSE-SU-2024:14493-1 icinga2-2.14.3-1.1 on GA media
These are all security issues fixed in the icinga2-2.14.3-1.1 package on the GA media of openSUSE Tumbleweed...
icinga2 -- TLS Certificate Validation Bypass
The Icinga project reports: Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to...
OPENSUSE-SU-2024:10856-1 icinga2-2.13.1-1.3 on GA media
These are all security issues fixed in the icinga2-2.13.1-1.3 package on the GA media of openSUSE Tumbleweed...
Icinga Web 2.10 Arbitrary File Disclosure
!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Arbitrary File Disclosure Date: 2023-03-19 Exploit Author: Jacob Ebben Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version: 2.8.6, 2.9.6, 2.10 Tested on: Icinga Web 2 Version 2.9.2 on Linux CVE:...
SUSE CVE-2020-14004
An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script run as part of the icinga2 systemd service executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrar...
SUSE SLES12: icinga2 / icinga2-bin / icinga2-common / icinga2-doc / etc (SUSE-SU-2022:3725-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3725-1 advisory. - CVE-2020-14004: prepare-dirs script allows for symlink attack in the icinga user context. bsc1172171 - CVE-2020-29663: ignoring...
SUSE-SU-2022:3725-1 Security update for icinga2
This update for icinga2 fixes the following issues: - CVE-2020-14004: prepare-dirs script allows for symlink attack in the icinga user context. bsc1172171 - CVE-2020-29663: ignoring CRL, where revoked certificates due for renewal will automatically be renewed. bsc281137 - CVE-2021-37698: Missing...
Icinga Web 2: Multiple Vulnerabilities
Background Icinga Web 2 is a frontend for icinga2. Description Multiple vulnerabilities have been discovered in Icinga Web 2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at...
Debian: Security Advisory (DLA-2816-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2816-1] icinga2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2816-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler November 10, 2021 https://wiki.debian.org/LTS -...
DLA-2816-1 icinga2 - security update
Bulletin has no description...
openSUSE: Security Advisory for icinga2 (openSUSE-SU-2021:1089-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...