Change Log - AlienVault USM v4.3.2 only --------------------------------------------------------------------------
- Fixed: Wrong log directory permissions on machines migrated from v3 to v4 - Fixed: Logger doesn't compress the raw logs - Fixed: Cannot display raw logs - error in the month field ("u" not allowed) - Removed deprecated contact support form - Fixed: Agent's dictionary files do not shrink when assets are removed from the DB - Security: Fixed possible xss in logger query parameter - Improved product registration error messages
- Fixed: OpenVAS scanner stops running in 1% - Adding more than 1 ntp server should not be allowed from UI - Fixed: Unable to forward using VPN - Fixed: Alienvault Rserver sync does not work over VPN - Fixed: Web displays an error in HIDS view when no sensor is inserted - Fixed: PRADS plugin does not parse timestamp, causes errors in Agent - Fixed: fprobe doesn't send to the right host/port - Agent error: Unable to read plugin configuration (malwaredomainlist-monitor) - Default networks should not be automatically inserted after updating a platform without networks configured - Vulnerabilities count mismatches between vuln section and asset details - Fixed memory leak on ossim-server when managing unknown plugin_sid's - Fixed memory leak on correlation backlog expiration - Fixed: ossim-server does not forward events to more than one USM - Fixed: OSSEC package missing dependency configuration in Sensor profile - Fixed: OSSEC Events show 0.0.0.0 IP values - Fixed: OSSEC single line generic rule doesn't use destination field - Fixed: [OSSEC] DST_IP is not captured for "Excessive number of events" log entry - Fixed: [OSSEC] DST_IP is not captured for "Windows Logon Success" log entry - Fixed: [OSSEC] Tomcat dst_ip is not captured - Fixed: OSSEC plugin does not parse all messages. - Fixed: ossec-single-line plugin doesn't catch hostnames with '-' character properly - Fixed: ossec-single-line plugin does not parse auth logs correctly - OSSEC Integrity checksum issue - Limit of ossec agents increased - Fixed: No pagination in OSSEC for agentless page - Fixed: Ossec Server IP is configured wrongly when VPN is enabled - Fixed: User without manager privileges can't see the dashboards - Fixed: Netflows graphs display "any protocol" information only - Fixed: PRADS plugin falsely creates new assets - Fixed: Error when editing "Manage event references" - Fixed:Problem when configuring local sensor to report using its VPN address in AllinOne profiles - Fixed: Updating the Sensor VPN IP also modifies the priority value - Fixed: Web doesn't check smb credentials when the password contains special characters - Fixed issue with the nagios remote viewer - Fixed: Blank page in UI after changing the ntop interface - Fixed: Desktop notifications don't work for new alarms - Fixed: No data found in assets inventory tree - "Priority Threshold" configuration issue - Fixed: Password is spelt wrong in Ldap configuration - Fixed: From/to host matching in correlation ignores hosts - Fixed: From/to negated host matching in correlation doesn't work - Fixed: Scheduled reports do not attach the report - Fixed: Keywords not populating in email message when creating an action - Fixed: 'New Ticket" (Action) problems under Alarms -> View Grouped panel - Fixed: Wrong syntax check error (invalid character) in 'Asset Search' - Fixed: Assets tree shows weird network association - Taxonomy info issue when cloning a Directive - Fixed: ParserLog (ossim-agent) can catch only a part of the lines (without \n) - Apache errors found related to "timeline analysis on Siem console" - Fixed: Firefox (v22) ask to remember your password when using the Search option - Fixed: Firefox (v22) doesn't reload the web after creating a new directive - Fixed: Firefox (v22) not show the back button on sensor details - Fixed: Problem importing network csv file - Fixed: The Remote Interfaces web form is too large - Fixed: Apache error 500 in "Sensor status" section - Fixed of several typos in the Web User Interface - Security fix: Improved validation in several forms to provide consistent processing of user submitted data"'
This discussion has been closed.
From the Blog
Eric Rand Nov 23, 2015
Password Paste Prevention: Security Friend or Foe? Read More >