mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix memcached unserialize vulnerability (#14459)

Browse Source 
Allows code injection, so remove it entirely.
This requires a memcached application script to restore functionality.

https://github.com/librenms/librenms-agent/pull/428
This commit is contained in:
Tony Murray
2022-10-16 11:15:17 -05:00
committed by GitHub
parent 8e85698aa3
commit ae3925b09a
4 changed files with 21 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/Extensions/Applications.md
View File

@@ -909,10 +909,10 @@ pass .1.3.6.1.4.1.3582 /usr/sbin/lsi_mrdsnmpmain
### SNMP Extend
1. Copy the [memcached
script](https://github.com/librenms/librenms-agent/blob/master/agent-local/memcached)
script](https://github.com/librenms/librenms-agent/blob/master/snmp/memcached)
to `/etc/snmp/` on your remote server.
```
wget https://raw.githubusercontent.com/librenms/librenms-agent/master/agent-local/memcached -O /etc/snmp/memcached
wget https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/memcached -O /etc/snmp/memcached
```
2. Make the script executable: