Welcome to docs.opsview.com

Security Patch

As reported by Piotr Karolak of Trustwave's SpiderLabs a security vulnerability was identified that has the potential to allow unauthenticated access to the file system of an Opsview Monitor system by issuing a specially crafted HTTP GET request.

Opsview have created a patch to resolve this security vulnerability which can be easily applied to supported versions of the Opsview Monitor system. We strongly recommend that you upgrade to a supported version as we will not be providing a patch for older versions. We are conscious that it may take a little while to plan, implement and upgrade, and we would not want any of our customers running a system with a potential vulnerability so we have provided the below Apache configuration change that helps to counter this particular vulnerability.

You will need to locate your Opsview Apache configuration file (on Debian and Ubuntu this is usually in /etc/apache2/sites-enabled/, or for CentOS and RHEL, look in /etc/httpd/conf.d).

Edit the file and just above the lines starting with 'ProxyPass' at the bottom of the file, insert these new lines:

RewriteEngine on
RewriteRule %5C / [NC,R]
RewriteRule %00 / [NC,R]
RewriteRule (%2e|%46)(%2e|%46) / [NC,R]
RewriteRule \.\.(%2f|%c0%af|%c1%1c) / [NC,R]

Test the configuration change by using 'apache2ctl -t' (or 'apachectl -t', depending on your OS) and if no errors are shown, restarted Apache ('service apache2 restart', 'service httpd restart' or '/etc/init.d/httpd restart', again depending on your OS).

If you do get errors, you may need to enable the Apache Rewrite module (either 'en2mod rewrite' or locate the line for 'mod_rewrite.so' in your apache configuration and uncomment it).