Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2024-2566

Опубликовано: 08 мая 2024
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2024-2566: pcp security, bug fix, and enhancement update (IMPORTANT)

[6.2.0-2.0.1]

  • Fixed libpcp derived metric issue for ol9 [Orabug: 36538820]

[6.2.0-2]

  • Disable RESP proxying by default in pmproxy (RHEL-30719)

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

pcp

6.2.0-2.0.1.el9_4

pcp-conf

6.2.0-2.0.1.el9_4

pcp-devel

6.2.0-2.0.1.el9_4

pcp-doc

6.2.0-2.0.1.el9_4

pcp-export-pcp2elasticsearch

6.2.0-2.0.1.el9_4

pcp-export-pcp2graphite

6.2.0-2.0.1.el9_4

pcp-export-pcp2influxdb

6.2.0-2.0.1.el9_4

pcp-export-pcp2json

6.2.0-2.0.1.el9_4

pcp-export-pcp2spark

6.2.0-2.0.1.el9_4

pcp-export-pcp2xml

6.2.0-2.0.1.el9_4

pcp-export-pcp2zabbix

6.2.0-2.0.1.el9_4

pcp-export-zabbix-agent

6.2.0-2.0.1.el9_4

pcp-geolocate

6.2.0-2.0.1.el9_4

pcp-gui

6.2.0-2.0.1.el9_4

pcp-import-collectl2pcp

6.2.0-2.0.1.el9_4

pcp-import-ganglia2pcp

6.2.0-2.0.1.el9_4

pcp-import-iostat2pcp

6.2.0-2.0.1.el9_4

pcp-import-mrtg2pcp

6.2.0-2.0.1.el9_4

pcp-import-sar2pcp

6.2.0-2.0.1.el9_4

pcp-libs

6.2.0-2.0.1.el9_4

pcp-libs-devel

6.2.0-2.0.1.el9_4

pcp-pmda-activemq

6.2.0-2.0.1.el9_4

pcp-pmda-apache

6.2.0-2.0.1.el9_4

pcp-pmda-bash

6.2.0-2.0.1.el9_4

pcp-pmda-bcc

6.2.0-2.0.1.el9_4

pcp-pmda-bind2

6.2.0-2.0.1.el9_4

pcp-pmda-bonding

6.2.0-2.0.1.el9_4

pcp-pmda-bpf

6.2.0-2.0.1.el9_4

pcp-pmda-bpftrace

6.2.0-2.0.1.el9_4

pcp-pmda-cifs

6.2.0-2.0.1.el9_4

pcp-pmda-cisco

6.2.0-2.0.1.el9_4

pcp-pmda-dbping

6.2.0-2.0.1.el9_4

pcp-pmda-denki

6.2.0-2.0.1.el9_4

pcp-pmda-dm

6.2.0-2.0.1.el9_4

pcp-pmda-docker

6.2.0-2.0.1.el9_4

pcp-pmda-ds389

6.2.0-2.0.1.el9_4

pcp-pmda-ds389log

6.2.0-2.0.1.el9_4

pcp-pmda-elasticsearch

6.2.0-2.0.1.el9_4

pcp-pmda-farm

6.2.0-2.0.1.el9_4

pcp-pmda-gfs2

6.2.0-2.0.1.el9_4

pcp-pmda-gluster

6.2.0-2.0.1.el9_4

pcp-pmda-gpfs

6.2.0-2.0.1.el9_4

pcp-pmda-gpsd

6.2.0-2.0.1.el9_4

pcp-pmda-hacluster

6.2.0-2.0.1.el9_4

pcp-pmda-haproxy

6.2.0-2.0.1.el9_4

pcp-pmda-infiniband

6.2.0-2.0.1.el9_4

pcp-pmda-json

6.2.0-2.0.1.el9_4

pcp-pmda-libvirt

6.2.0-2.0.1.el9_4

pcp-pmda-lio

6.2.0-2.0.1.el9_4

pcp-pmda-lmsensors

6.2.0-2.0.1.el9_4

pcp-pmda-logger

6.2.0-2.0.1.el9_4

pcp-pmda-lustre

6.2.0-2.0.1.el9_4

pcp-pmda-lustrecomm

6.2.0-2.0.1.el9_4

pcp-pmda-mailq

6.2.0-2.0.1.el9_4

pcp-pmda-memcache

6.2.0-2.0.1.el9_4

pcp-pmda-mic

6.2.0-2.0.1.el9_4

pcp-pmda-mongodb

6.2.0-2.0.1.el9_4

pcp-pmda-mounts

6.2.0-2.0.1.el9_4

pcp-pmda-mysql

6.2.0-2.0.1.el9_4

pcp-pmda-named

6.2.0-2.0.1.el9_4

pcp-pmda-netcheck

6.2.0-2.0.1.el9_4

pcp-pmda-netfilter

6.2.0-2.0.1.el9_4

pcp-pmda-news

6.2.0-2.0.1.el9_4

pcp-pmda-nfsclient

6.2.0-2.0.1.el9_4

pcp-pmda-nginx

6.2.0-2.0.1.el9_4

pcp-pmda-nvidia-gpu

6.2.0-2.0.1.el9_4

pcp-pmda-openmetrics

6.2.0-2.0.1.el9_4

pcp-pmda-openvswitch

6.2.0-2.0.1.el9_4

pcp-pmda-oracle

6.2.0-2.0.1.el9_4

pcp-pmda-pdns

6.2.0-2.0.1.el9_4

pcp-pmda-perfevent

6.2.0-2.0.1.el9_4

pcp-pmda-podman

6.2.0-2.0.1.el9_4

pcp-pmda-postfix

6.2.0-2.0.1.el9_4

pcp-pmda-postgresql

6.2.0-2.0.1.el9_4

pcp-pmda-rabbitmq

6.2.0-2.0.1.el9_4

pcp-pmda-redis

6.2.0-2.0.1.el9_4

pcp-pmda-roomtemp

6.2.0-2.0.1.el9_4

pcp-pmda-rsyslog

6.2.0-2.0.1.el9_4

pcp-pmda-samba

6.2.0-2.0.1.el9_4

pcp-pmda-sendmail

6.2.0-2.0.1.el9_4

pcp-pmda-shping

6.2.0-2.0.1.el9_4

pcp-pmda-slurm

6.2.0-2.0.1.el9_4

pcp-pmda-smart

6.2.0-2.0.1.el9_4

pcp-pmda-snmp

6.2.0-2.0.1.el9_4

pcp-pmda-sockets

6.2.0-2.0.1.el9_4

pcp-pmda-statsd

6.2.0-2.0.1.el9_4

pcp-pmda-summary

6.2.0-2.0.1.el9_4

pcp-pmda-systemd

6.2.0-2.0.1.el9_4

pcp-pmda-trace

6.2.0-2.0.1.el9_4

pcp-pmda-unbound

6.2.0-2.0.1.el9_4

pcp-pmda-weblog

6.2.0-2.0.1.el9_4

pcp-pmda-zimbra

6.2.0-2.0.1.el9_4

pcp-pmda-zswap

6.2.0-2.0.1.el9_4

pcp-selinux

6.2.0-2.0.1.el9_4

pcp-system-tools

6.2.0-2.0.1.el9_4

pcp-testsuite

6.2.0-2.0.1.el9_4

pcp-zeroconf

6.2.0-2.0.1.el9_4

perl-PCP-LogImport

6.2.0-2.0.1.el9_4

perl-PCP-LogSummary

6.2.0-2.0.1.el9_4

perl-PCP-MMV

6.2.0-2.0.1.el9_4

perl-PCP-PMDA

6.2.0-2.0.1.el9_4

python3-pcp

6.2.0-2.0.1.el9_4

Oracle Linux x86_64

pcp

6.2.0-2.0.1.el9_4

pcp-conf

6.2.0-2.0.1.el9_4

pcp-devel

6.2.0-2.0.1.el9_4

pcp-doc

6.2.0-2.0.1.el9_4

pcp-export-pcp2elasticsearch

6.2.0-2.0.1.el9_4

pcp-export-pcp2graphite

6.2.0-2.0.1.el9_4

pcp-export-pcp2influxdb

6.2.0-2.0.1.el9_4

pcp-export-pcp2json

6.2.0-2.0.1.el9_4

pcp-export-pcp2spark

6.2.0-2.0.1.el9_4

pcp-export-pcp2xml

6.2.0-2.0.1.el9_4

pcp-export-pcp2zabbix

6.2.0-2.0.1.el9_4

pcp-export-zabbix-agent

6.2.0-2.0.1.el9_4

pcp-geolocate

6.2.0-2.0.1.el9_4

pcp-gui

6.2.0-2.0.1.el9_4

pcp-import-collectl2pcp

6.2.0-2.0.1.el9_4

pcp-import-ganglia2pcp

6.2.0-2.0.1.el9_4

pcp-import-iostat2pcp

6.2.0-2.0.1.el9_4

pcp-import-mrtg2pcp

6.2.0-2.0.1.el9_4

pcp-import-sar2pcp

6.2.0-2.0.1.el9_4

pcp-libs

6.2.0-2.0.1.el9_4

pcp-libs-devel

6.2.0-2.0.1.el9_4

pcp-pmda-activemq

6.2.0-2.0.1.el9_4

pcp-pmda-apache

6.2.0-2.0.1.el9_4

pcp-pmda-bash

6.2.0-2.0.1.el9_4

pcp-pmda-bcc

6.2.0-2.0.1.el9_4

pcp-pmda-bind2

6.2.0-2.0.1.el9_4

pcp-pmda-bonding

6.2.0-2.0.1.el9_4

pcp-pmda-bpf

6.2.0-2.0.1.el9_4

pcp-pmda-bpftrace

6.2.0-2.0.1.el9_4

pcp-pmda-cifs

6.2.0-2.0.1.el9_4

pcp-pmda-cisco

6.2.0-2.0.1.el9_4

pcp-pmda-dbping

6.2.0-2.0.1.el9_4

pcp-pmda-denki

6.2.0-2.0.1.el9_4

pcp-pmda-dm

6.2.0-2.0.1.el9_4

pcp-pmda-docker

6.2.0-2.0.1.el9_4

pcp-pmda-ds389

6.2.0-2.0.1.el9_4

pcp-pmda-ds389log

6.2.0-2.0.1.el9_4

pcp-pmda-elasticsearch

6.2.0-2.0.1.el9_4

pcp-pmda-farm

6.2.0-2.0.1.el9_4

pcp-pmda-gfs2

6.2.0-2.0.1.el9_4

pcp-pmda-gluster

6.2.0-2.0.1.el9_4

pcp-pmda-gpfs

6.2.0-2.0.1.el9_4

pcp-pmda-gpsd

6.2.0-2.0.1.el9_4

pcp-pmda-hacluster

6.2.0-2.0.1.el9_4

pcp-pmda-haproxy

6.2.0-2.0.1.el9_4

pcp-pmda-infiniband

6.2.0-2.0.1.el9_4

pcp-pmda-json

6.2.0-2.0.1.el9_4

pcp-pmda-libvirt

6.2.0-2.0.1.el9_4

pcp-pmda-lio

6.2.0-2.0.1.el9_4

pcp-pmda-lmsensors

6.2.0-2.0.1.el9_4

pcp-pmda-logger

6.2.0-2.0.1.el9_4

pcp-pmda-lustre

6.2.0-2.0.1.el9_4

pcp-pmda-lustrecomm

6.2.0-2.0.1.el9_4

pcp-pmda-mailq

6.2.0-2.0.1.el9_4

pcp-pmda-memcache

6.2.0-2.0.1.el9_4

pcp-pmda-mic

6.2.0-2.0.1.el9_4

pcp-pmda-mongodb

6.2.0-2.0.1.el9_4

pcp-pmda-mounts

6.2.0-2.0.1.el9_4

pcp-pmda-mssql

6.2.0-2.0.1.el9_4

pcp-pmda-mysql

6.2.0-2.0.1.el9_4

pcp-pmda-named

6.2.0-2.0.1.el9_4

pcp-pmda-netcheck

6.2.0-2.0.1.el9_4

pcp-pmda-netfilter

6.2.0-2.0.1.el9_4

pcp-pmda-news

6.2.0-2.0.1.el9_4

pcp-pmda-nfsclient

6.2.0-2.0.1.el9_4

pcp-pmda-nginx

6.2.0-2.0.1.el9_4

pcp-pmda-nvidia-gpu

6.2.0-2.0.1.el9_4

pcp-pmda-openmetrics

6.2.0-2.0.1.el9_4

pcp-pmda-openvswitch

6.2.0-2.0.1.el9_4

pcp-pmda-oracle

6.2.0-2.0.1.el9_4

pcp-pmda-pdns

6.2.0-2.0.1.el9_4

pcp-pmda-perfevent

6.2.0-2.0.1.el9_4

pcp-pmda-podman

6.2.0-2.0.1.el9_4

pcp-pmda-postfix

6.2.0-2.0.1.el9_4

pcp-pmda-postgresql

6.2.0-2.0.1.el9_4

pcp-pmda-rabbitmq

6.2.0-2.0.1.el9_4

pcp-pmda-redis

6.2.0-2.0.1.el9_4

pcp-pmda-resctrl

6.2.0-2.0.1.el9_4

pcp-pmda-roomtemp

6.2.0-2.0.1.el9_4

pcp-pmda-rsyslog

6.2.0-2.0.1.el9_4

pcp-pmda-samba

6.2.0-2.0.1.el9_4

pcp-pmda-sendmail

6.2.0-2.0.1.el9_4

pcp-pmda-shping

6.2.0-2.0.1.el9_4

pcp-pmda-slurm

6.2.0-2.0.1.el9_4

pcp-pmda-smart

6.2.0-2.0.1.el9_4

pcp-pmda-snmp

6.2.0-2.0.1.el9_4

pcp-pmda-sockets

6.2.0-2.0.1.el9_4

pcp-pmda-statsd

6.2.0-2.0.1.el9_4

pcp-pmda-summary

6.2.0-2.0.1.el9_4

pcp-pmda-systemd

6.2.0-2.0.1.el9_4

pcp-pmda-trace

6.2.0-2.0.1.el9_4

pcp-pmda-unbound

6.2.0-2.0.1.el9_4

pcp-pmda-weblog

6.2.0-2.0.1.el9_4

pcp-pmda-zimbra

6.2.0-2.0.1.el9_4

pcp-pmda-zswap

6.2.0-2.0.1.el9_4

pcp-selinux

6.2.0-2.0.1.el9_4

pcp-system-tools

6.2.0-2.0.1.el9_4

pcp-testsuite

6.2.0-2.0.1.el9_4

pcp-zeroconf

6.2.0-2.0.1.el9_4

perl-PCP-LogImport

6.2.0-2.0.1.el9_4

perl-PCP-LogSummary

6.2.0-2.0.1.el9_4

perl-PCP-MMV

6.2.0-2.0.1.el9_4

perl-PCP-PMDA

6.2.0-2.0.1.el9_4

python3-pcp

6.2.0-2.0.1.el9_4

Связанные CVE

CVE-2024-3019

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2024-3019

CVSS3: 8.8
ubuntu
около 1 года назад

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.

redhat логотип

CVE-2024-3019

CVSS3: 8.8
redhat
больше 1 года назад

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.

nvd логотип

CVE-2024-3019

CVSS3: 8.8
nvd
около 1 года назад

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.

debian логотип

CVE-2024-3019

CVSS3: 8.8
debian
около 1 года назад

A flaw was found in PCP. The default pmproxy configuration exposes the ...

rocky логотип

RLSA-2024:3264

rocky
около 1 года назад

Important: pcp security update