Monitorix

This new version introduces three new modules: nvme.pm, which is capable of monitoring an unlimited number of NVM Express (NVMe) devices, the amdgpu.pm, to monitor also an unlimited number of AMD GPU graphic cards, and nvidiagpu.pm which can be seen as an extended version of the module nvidia.pm, as it comes with more detailed statistics. [...]

Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication (if enabled) in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced (#274) ... [More] without considering that some existing installations became unsafe, upon an update to 3.13.0, unless the new feature was immediately configured. [...] [Less]

This new version introduces three new modules: the long-awaited pgsql.pm capable of monitoring up to 9 databases of an unlimited number of PostgreSQL servers, the redis.pm and tinyproxy.pm which are both also capable of monitoring an unlimited number of Redis and Tinyproxy servers respectively. [...]

This new version introduces two new modules: the phpfpm.pm and the unbound.pm. The first one will allow to collect PHP-FPM statistics and monitor unlimited number of sites, while the unbound.pm module will collect a lot of statistics of the Unbound ... [More] running in your local server. There is not possibility to collect Unbound statistics from remote servers. In all, both modules come with a fairly complete statistic graphs. [...] [Less]

This new version introduces two new graphs and improves clearly an old one: the System graph. After a notable people demand, I've included a new graph to monitor IPMI sensors (temperatures, fans and voltages). The second new graph monitors an ... [More] unlimited number of MongoDB servers (either local or remote). As said, the System graph has been improved and now it includes two new subgraphs: one that shows the system's entropy and another that shows the uptime of the system. The memory graph has also been enhanced including the values of memory active and inactive. [...] [Less]

Prior Monitorix versions are vulnerable to cross-site scripting (XSS), caused by improper validation of user-supplied input by the monitorix.cgi file. A remote attacker could exploit this vulnerability using some of the arguments provided (graph= or ... [More] when=) in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. [...] [Less]

Prior Monitorix versions are vulnerable to cross-site scripting (XSS), caused by improper validation of user-supplied input by the monitorix.cgi file. A remote attacker could exploit this vulnerability using some of the arguments provided (graph= or ... [More] when=) in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. [...] [Less]

Prior Monitorix versions are vulnerable to cross-site scripting (XSS), caused by improper validation of user-supplied input by the monitorix.cgi file. A remote attacker could exploit this vulnerability using some of the arguments provided (graph= or ... [More] when=) in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. [...] [Less]

This new version introduces two new graphs and improves clearly an old one: the System graph. After a notable people demand, I've included a new graph to monitor IPMI sensors (temperatures, fans and voltages). The second new graph monitors an ... [More] unlimited number of MongoDB servers (either local or remote). As said, the System graph has been improved and now it includes two new subgraphs: one that shows the system's entropy and another that shows the uptime of the system. The memory graph has also been enhanced including the values of memory active and inactive. [...] [Less]

This new version introduces two new graphs and improves clearly an old one: the System graph. After a notable people demand, I've included a new graph to monitor IPMI sensors (temperatures, fans and voltages). The second new graph monitors an ... [More] unlimited number of MongoDB servers (either local or remote). As said, the System graph has been improved and now it includes two new subgraphs: one that shows the system's entropy and another that shows the uptime of the system. The memory graph has also been enhanced including the values of memory active and inactive. [...] [Less]