Support news

OP5 Monitor 7.3.5: Some graphs are red with error messages

January 16, 2017

We found a flaw after updating RRDTool to the latest version in the 7.3.5 release of OP5 Monitor where some of the PNP graphs would display a red error message. No data is lost and the error is present in graphs using check_by_snmp_* check commands and some custom templates for customers.

This only affects users running version 7.3.5 version of OP5 Monitor.

 

Symptoms

Red error message instead of a graph.

 

Solution

 

Instead of using the custom template it is possible to use the default template to get the graph back. We are currently working on fixing the graphs shipped with OP5 Monitor so hang tight for a later version.

Additional Information

You can read more about it in the reported issue: https://jira.op5.com/browse/MON-9986

OP5 Monitor 7.3.4: Logger not cleaning out old log data

December 22, 2016

We found a flaw in Logger in the 7.3.4 release of OP5 Monitor where the retention time would not be honored.

This only affects users running version 7.3.4 version of OP5 Monitor.

 

Symptoms

Since Logger isn’t rotating out old data honoring the value “Keep in database for”, the disk usage may increase drastically, and in some cases where Logger is the receiver of log data from many devices, it can fill up the disk entirely.

 

Solution

Update to the latest version of the package op5-logserver-db via yum:

# yum clean metadata
# yum update op5-logserver-db

 

Additional Information

You can read more about it in the reported issue: https://jira.op5.com/browse/MON-9958

OP5 Monitor information about recent vulnerabilities CVE-2016-9566 and CVE-2016-9565

December 20, 2016

It has come to our attention that recent CVEs has been affecting Nagios and by this post we would like to address if these issues apply to OP5 Monitor and Naemon.

 

CVE-2016-9565, Curl Command Injection / Remote Code Execution:

Does not affect OP5 Monitor since the affected parts do not exist in OP5 Monitor.

 

CVE-2016-9566, Root Privilege Escalation:

Does not affect OP5 Monitor version 7.0.6 or later since OP5 Monitor does not start the Naemon service as root, thus this privilege escalation can not be used.

User running versions prior to OP5 Monitor 7.0.6 are recommended to upgrade to mitigate CVE-2016-9566.

Sources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9565
https://legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9566
https://legalhackers.com/advisories/Nagios-Exploit-Root-PrivEsc-CVE-2016-9566.html

 

Dell OMSA 8.4.0 upgrade leaves services in stopped state

October 25, 2016

We have noticed that the after upgrading to the latest version (8.4.0) of Dell OMSA, the services are left in a stopped state, and the default hardware check in Monitor will output something like:

 

ERROR: (SNMP) OpenManage is not installed or is not working correctly

 

To fix this, log in as root on the Monitor machine, and issue the following command:

 

srvadmin-services.sh restart

Dirty cow Linux kernel local privilege escalation vulnerability

October 24, 2016

A Kernel Local Privilege Escalation vulnerability has been reported and designated CVE-2016-5195. The vulnerability has been given the nickname Dirty Cow.

To check if your server has a vulnerable kernel version, please use the tool provided at the Diagnose tab at https://access.redhat.com/security/vulnerabilities/2706661

Red Hat has not yet (as of 2016-10-24 11:00 CEST) released an updated kernel package.

For more details see https://access.redhat.com/security/cve/cve-2016-5195 whch also includes information on how to mitigate the problem before an update is available.

Older posts