Paessler PRTG fixes OpenSSL vulnerability CVE-2022-1292

Paesslers PRTG version 22.3.79 will update its internal OpenSSL libraries to 1.0.2ze in order to address and fix CVE-2022-1292. CVE-2022-1292 is categorized as CWE-78 (Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection').

PRTG release notes of version 22.3.79:
[Security] We updated our OpenSSL libraries to version 1.0.2ze that patches CVE-2022-1292.

CVE-2022-1292 is about the OpenSSL c_rehash script, which does not properly sanitise shell metacharacters to prevent command injection.
at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Color highlight & timestamp your bash cli prompt

 To color highlight your bash cli simply edit /etc/bash.bashrc and add the following lines: force_color_prompt=yes     if [ "$LOGNAME...