Vulnerabilities > CVE-2014-2913
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 | |
| Application | 1 |
Exploit-Db
description NRPE <= 2.15 - Remote Command Execution. CVE-2014-2913. Remote exploits for multiple platform id EDB-ID:32925 last seen 2016-02-03 modified 2014-04-18 published 2014-04-18 reporter Dawid Golunski source https://www.exploit-db.com/download/32925/ title NRPE <= 2.15 - Remote Command Execution description NRPE 2.15 - Remote Code Execution Vulnerability. CVE-2014-2913. Remote exploits for multiple platform id EDB-ID:34461 last seen 2016-02-03 modified 2014-08-29 published 2014-08-29 reporter Claudio Viviani source https://www.exploit-db.com/download/34461/ title NRPE 2.15 - Remote Code Execution Vulnerability
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2014-5897.NASL description Add patch to mitigate CVE-2014-2913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-11-20 plugin id 79346 published 2014-11-20 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79346 title Fedora 20 : nrpe-2.15-2.fc20 (2014-5897) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2014-5897. # include("compat.inc"); if (description) { script_id(79346); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2014-2913"); script_bugtraq_id(66969); script_xref(name:"FEDORA", value:"2014-5897"); script_name(english:"Fedora 20 : nrpe-2.15-2.fc20 (2014-5897)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Add patch to mitigate CVE-2014-2913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1089878" ); # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/144631.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?13795117" ); script_set_attribute(attribute:"solution", value:"Update the affected nrpe package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:ND"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nrpe"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20"); script_set_attribute(attribute:"patch_publication_date", value:"2014/05/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC20", reference:"nrpe-2.15-2.fc20")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nrpe"); }NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201408-18.NASL description The remote host is affected by the vulnerability described in GLSA-201408-18 (NRPE: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in NRPE. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can utilize multiple vectors to execute arbitrary code. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 77462 published 2014-08-30 reporter This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77462 title GLSA-201408-18 : NRPE: Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201408-18. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(77462); script_version("1.5"); script_cvs_date("Date: 2018/12/05 20:31:22"); script_cve_id("CVE-2013-1362", "CVE-2014-2913"); script_bugtraq_id(58142, 66969); script_xref(name:"GLSA", value:"201408-18"); script_name(english:"GLSA-201408-18 : NRPE: Multiple Vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201408-18 (NRPE: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in NRPE. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can utilize multiple vectors to execute arbitrary code. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201408-18" ); script_set_attribute( attribute:"solution", value: "All NRPE users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/nrpe-2.15'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Nagios Remote Plugin Executor Arbitrary Command Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:nrpe"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/08/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"net-analyzer/nrpe", unaffected:make_list("ge 2.15"), vulnerable:make_list("lt 2.15"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "NRPE"); }NASL family Fedora Local Security Checks NASL id FEDORA_2014-5896.NASL description Add patch to mitigate CVE-2014-2913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-12-07 plugin id 79793 published 2014-12-07 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79793 title Fedora 19 : nrpe-2.15-2.fc19 (2014-5896) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2014-5896. # include("compat.inc"); if (description) { script_id(79793); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2014-2913"); script_bugtraq_id(66969); script_xref(name:"FEDORA", value:"2014-5896"); script_name(english:"Fedora 19 : nrpe-2.15-2.fc19 (2014-5896)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Add patch to mitigate CVE-2014-2913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1089878" ); # https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145738.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?74f449ac" ); script_set_attribute(attribute:"solution", value:"Update the affected nrpe package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:ND"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nrpe"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19"); script_set_attribute(attribute:"patch_publication_date", value:"2014/05/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC19", reference:"nrpe-2.15-2.fc19")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nrpe"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-335.NASL description This nrpe update fixes the following security documentation problem. - bnc#874743: Documented a possible command injection when command arguments are enabled (CVE-2014-2913). More details can be found inside the documentation of this package. last seen 2020-06-05 modified 2014-06-13 plugin id 75345 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75345 title openSUSE Security Update : nrpe (openSUSE-SU-2014:0594-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2014-335. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75345); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2014-2913"); script_name(english:"openSUSE Security Update : nrpe (openSUSE-SU-2014:0594-1)"); script_summary(english:"Check for the openSUSE-2014-335 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This nrpe update fixes the following security documentation problem. - bnc#874743: Documented a possible command injection when command arguments are enabled (CVE-2014-2913). More details can be found inside the documentation of this package." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=874743" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2014-05/msg00005.html" ); script_set_attribute(attribute:"solution", value:"Update the affected nrpe packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nagios-plugins-nrpe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nagios-plugins-nrpe-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nrpe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nrpe-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nrpe-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1"); script_set_attribute(attribute:"patch_publication_date", value:"2014/04/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE12\.3|SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.3 / 13.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE12.3", reference:"nagios-plugins-nrpe-2.14-3.4.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"nagios-plugins-nrpe-debuginfo-2.14-3.4.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"nrpe-2.14-3.4.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"nrpe-debuginfo-2.14-3.4.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"nrpe-debugsource-2.14-3.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"nagios-plugins-nrpe-2.15-4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"nagios-plugins-nrpe-debuginfo-2.15-4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"nrpe-2.15-4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"nrpe-debuginfo-2.15-4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"nrpe-debugsource-2.15-4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nagios-plugins-nrpe / nagios-plugins-nrpe-debuginfo / nrpe / etc"); }NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2014-364.NASL description ** DISPUTED ** Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as last seen 2020-06-01 modified 2020-06-02 plugin id 78307 published 2014-10-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78307 title Amazon Linux AMI : nrpe (ALAS-2014-364) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2014-364. # include("compat.inc"); if (description) { script_id(78307); script_version("1.3"); script_cvs_date("Date: 2018/04/18 15:09:35"); script_cve_id("CVE-2014-2913"); script_xref(name:"ALAS", value:"2014-364"); script_name(english:"Amazon Linux AMI : nrpe (ALAS-2014-364)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "** DISPUTED ** Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as 'expected behavior.' Also, this issue can only occur when the administrator enables the 'dont_blame_nrpe' option in nrpe.conf despite the 'HIGH security risk' warning within the comments." ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2014-364.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update nrpe' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:nagios-plugins-nrpe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:nrpe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:nrpe-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/06/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"nagios-plugins-nrpe-2.15-2.7.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"nrpe-2.15-2.7.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"nrpe-debuginfo-2.15-2.7.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nagios-plugins-nrpe / nrpe / nrpe-debuginfo"); }NASL family SuSE Local Security Checks NASL id SUSE_11_NAGIOS-NRPE-140506.NASL description nagios-nrpe has been updated to prevent possible remote command execution when command arguments are enabled. This issue affects versions 2.15 and older. Further information is available at http://seclists.org/fulldisclosure/2014/Apr/240 These security issues have been fixed : - Remote command execution (CVE-2014-2913) last seen 2020-06-05 modified 2014-05-21 plugin id 74116 published 2014-05-21 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/74116 title SuSE 11.3 Security Update : nagios-nrpe, nagios-nrpe-debuginfo, nagios-nrpe-debugsource, etc (SAT Patch Number 9204) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(74116); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2014-2913"); script_name(english:"SuSE 11.3 Security Update : nagios-nrpe, nagios-nrpe-debuginfo, nagios-nrpe-debugsource, etc (SAT Patch Number 9204)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "nagios-nrpe has been updated to prevent possible remote command execution when command arguments are enabled. This issue affects versions 2.15 and older. Further information is available at http://seclists.org/fulldisclosure/2014/Apr/240 These security issues have been fixed : - Remote command execution (CVE-2014-2913)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=874743" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2913.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 9204."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:nagios-nrpe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:nagios-nrpe-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:nagios-plugins-nrpe"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2014/05/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3"); flag = 0; if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"nagios-nrpe-2.12-24.4.10.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"nagios-nrpe-doc-2.12-24.4.10.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"nagios-plugins-nrpe-2.12-24.4.10.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"nagios-nrpe-2.12-24.4.10.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"nagios-nrpe-doc-2.12-24.4.10.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"nagios-plugins-nrpe-2.12-24.4.10.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family SuSE Local Security Checks NASL id SUSE_11_NAGIOS-NRPE-140507.NASL description nagios-nrpe has been updated to prevent possible remote command execution when command arguments are enabled. This issue affects versions 2.15 and older. Further information is available at http://seclists.org/fulldisclosure/2014/Apr/240 These security issues have been fixed : - Remote command execution (CVE-2014-2913) last seen 2020-06-05 modified 2014-05-21 plugin id 74117 published 2014-05-21 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/74117 title SuSE 11.3 Security Update : nagios-nrpe, nagios-nrpe-debuginfo, nagios-nrpe-debugsource, etc (SAT Patch Number 9204) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(74117); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2014-2913"); script_name(english:"SuSE 11.3 Security Update : nagios-nrpe, nagios-nrpe-debuginfo, nagios-nrpe-debugsource, etc (SAT Patch Number 9204)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "nagios-nrpe has been updated to prevent possible remote command execution when command arguments are enabled. This issue affects versions 2.15 and older. Further information is available at http://seclists.org/fulldisclosure/2014/Apr/240 These security issues have been fixed : - Remote command execution (CVE-2014-2913)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=874743" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2913.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 9204."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:nagios-nrpe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:nagios-nrpe-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:nagios-plugins-nrpe"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2014/05/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3"); flag = 0; if (rpm_check(release:"SLES11", sp:3, cpu:"s390x", reference:"nagios-nrpe-2.12-24.4.10.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"s390x", reference:"nagios-nrpe-doc-2.12-24.4.10.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"s390x", reference:"nagios-plugins-nrpe-2.12-24.4.10.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Misc. NASL id NAGIOS_NRPE_COMMAND_ARGUMENT_PROCESSING.NASL description The version of Nagios Remote Plugin Executor (NRPE) running on the remote host has command argument processing enabled and accepts the newline character. An unauthenticated, remote attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application by appending those commands via a newline character in the last seen 2020-06-01 modified 2020-06-02 plugin id 73757 published 2014-04-29 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73757 title Nagios NRPE Command Argument Processing Enabled code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(73757); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/12"); script_cve_id("CVE-2014-2913"); script_bugtraq_id(66969); script_xref(name:"EDB-ID", value:"32925"); script_xref(name:"EDB-ID", value:"34461"); script_name(english:"Nagios NRPE Command Argument Processing Enabled"); script_summary(english:"Checks if the remote Nagios NRPE server allows command argument processing containing newline."); script_set_attribute(attribute:"synopsis", value: "The monitoring service running on the remote host may be affected by an arbitrary command execution vulnerability."); script_set_attribute(attribute:"description", value: "The version of Nagios Remote Plugin Executor (NRPE) running on the remote host has command argument processing enabled and accepts the newline character. An unauthenticated, remote attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application by appending those commands via a newline character in the '-a' option to libexec/check_nrpe."); script_set_attribute(attribute:"see_also", value:"http://legalhackers.com/advisories/nagios-nrpe.txt"); # https://packetstormsecurity.com/files/126211/Nagios-Remote-Plugin-Executor-2.15-Remote-Command-Execution.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?addc2ef6"); script_set_attribute(attribute:"solution", value: "Disable command argument processing in the NRPE configuration."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/04/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/29"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:nagios:nagios"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_dependencies("nagios_nrpe_detect.nasl"); script_require_ports("Services/nrpe"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("byte_func.inc"); # crc_func.inc is required for crc32tab[] look up table below include("crc_func.inc"); function calculate_crc32(data) { local_var crc, i, len; len = strlen(data); crc = 0xFFFFFFFF; for (i=0; i<len; i++) crc = ((crc >>> 8) & 0x00FFFFFF) ^ crc32tab[(crc ^ ord(data[i])) & 0xFF]; return crc ^ 0xFFFFFFFF; } port = get_service(svc:"nrpe", exit_on_fail:TRUE); appname = "Nagios NRPE"; version = get_kb_item_or_exit("nrpe/" + port + "/Version"); s = open_sock_tcp(port); if (!s) audit(AUDIT_SOCK_FAIL, port,'TCP'); set_byte_order(BYTE_ORDER_BIG_ENDIAN); packet_version = '\x00\x02'; packet_type = '\x00\x01'; crc = '\x00\x00\x00\x00'; result_code = mkbyte(rand() % 255) + mkbyte(rand() % 255); cmd = '_NRPE_CHECK!nessus'; buffer = '\x0a'; buffer += crap(data:'\x00', length: (1024 - strlen(cmd) - 1)); random_buffer = mkbyte(rand() % 255) + mkbyte(rand() % 255); pkt = packet_version + packet_type + crc + result_code + cmd + buffer + random_buffer; crc = uint(calculate_crc32(data:pkt)); crc = mkbyte(crc >> 24) + mkbyte(crc >> 16) + mkbyte(crc >> 8) + mkbyte(crc >> 0); pkt = packet_version + packet_type + crc + result_code + cmd + buffer + random_buffer; send(socket:s, data:pkt); res = recv(socket:s, length:10, min:10); # when command argument processing is disabled, the server will not respond at all if (strlen(res) == 0) { close(s); audit(AUDIT_LISTEN_NOT_VULN, appname, port, version); } if (strlen(res) != 10) { close(s); exit(0, 'Unexpected response size for service on port ' + port + '.'); } recv_version = substr(res, 0, 1); recv_pkt_type = substr(res, 2, 3); recv_crc = substr(res, 4, 7); recv_result_code = substr(res, 8, 9); if (recv_version != '\x00\x02') { close(s); exit(0, 'Unrecognized protocol version for service on port ' + port + '.'); } if (recv_pkt_type != '\x00\x02') { close(s); exit(0, 'Unrecognized packet type for server on port ' + port + '.'); } data = recv(socket:s, length:1024, min:1024); if (strlen(data) == 0) { close(s); audit(AUDIT_RESP_NOT, port); } if ("NRPE" >!< data) audit(AUDIT_NOT_DETECT, appname, port); if (strlen(data) != 1024) { close(s); exit(0, 'Unexpected response size for service on port ' + port + '.'); } rand_bytes = recv(socket:s, length:2, min:2); close(s); if (strlen(rand_bytes) == 0) audit(AUDIT_RESP_NOT, port); if (strlen(rand_bytes) != 2) exit(0, 'Unexpected response size for service on port ' + port + '.'); recv_pkt = recv_version + recv_pkt_type + '\x00\x00\x00\x00' + recv_result_code + data + rand_bytes; calculated_crc = uint(calculate_crc32(data:recv_pkt)); calculated_crc = mkbyte(calculated_crc >> 24) + mkbyte(calculated_crc >> 16) + mkbyte(calculated_crc >> 8) + mkbyte(calculated_crc >> 0); if (recv_crc != calculated_crc) exit(0, 'CRC check failed for service on port ' + port + '.'); # if we get a proper response, we are vuln security_report_v4( port:port, severity:SECURITY_HOLE, extra:report_items_str(report_items:make_array( "Version", version, "NRPE command argument processing", "Enabled" )) );NASL family Fedora Local Security Checks NASL id FEDORA_2015-15398.NASL description Use %configure macro as it deals with config.sub/guess and various flags properly ---- nrpe-2.15-6.el7 - Fix spec file for missing /usr/share/libtool/config/config.guess nrpe-2.15-6.el6 - Fix spec file for missing /usr/share/libtool/config/config.guess nrpe-2.15-6.fc23 - Fix spec file for missing /usr/share/libtool/config/config.guess nrpe-2.15-6.fc22 - Fix spec file for missing /usr/share/libtool/config/config.guess nrpe-2.15-6.fc21 - Fix spec file for missing /usr/share/libtool/config/config.guess Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-09-21 plugin id 86042 published 2015-09-21 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/86042 title Fedora 23 : nrpe-2.15-7.fc23 (2015-15398) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2015-15398. # include("compat.inc"); if (description) { script_id(86042); script_version("2.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2014-2913"); script_xref(name:"FEDORA", value:"2015-15398"); script_name(english:"Fedora 23 : nrpe-2.15-7.fc23 (2015-15398)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Use %configure macro as it deals with config.sub/guess and various flags properly ---- nrpe-2.15-6.el7 - Fix spec file for missing /usr/share/libtool/config/config.guess nrpe-2.15-6.el6 - Fix spec file for missing /usr/share/libtool/config/config.guess nrpe-2.15-6.fc23 - Fix spec file for missing /usr/share/libtool/config/config.guess nrpe-2.15-6.fc22 - Fix spec file for missing /usr/share/libtool/config/config.guess nrpe-2.15-6.fc21 - Fix spec file for missing /usr/share/libtool/config/config.guess Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1089880" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1239738" ); # https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166528.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d1d81b43" ); script_set_attribute(attribute:"solution", value:"Update the affected nrpe package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nrpe"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:23"); script_set_attribute(attribute:"patch_publication_date", value:"2015/09/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^23([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 23.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC23", reference:"nrpe-2.15-7.fc23")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nrpe"); }
Packetstorm
| data source | https://packetstormsecurity.com/files/download/128038/nrpe_215_rce_exploit.txt |
| id | PACKETSTORM:128038 |
| last seen | 2016-12-05 |
| published | 2014-08-28 |
| reporter | Dawid Golunski |
| source | https://packetstormsecurity.com/files/128038/NRPE-2.15-Remote-Command-Execution.html |
| title | NRPE 2.15 Remote Command Execution |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:87224 |
| last seen | 2017-11-19 |
| modified | 2014-09-04 |
| published | 2014-09-04 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-87224 |
| title | NRPE 2.15 - Remote Code Execution Vulnerability |
References
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166528.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166528.html
- http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00011.html
- http://lists.opensuse.org/opensuse-updates/2014-05/msg00005.html
- http://lists.opensuse.org/opensuse-updates/2014-05/msg00005.html
- http://lists.opensuse.org/opensuse-updates/2014-05/msg00014.html
- http://lists.opensuse.org/opensuse-updates/2014-05/msg00014.html
- http://seclists.org/fulldisclosure/2014/Apr/240
- http://seclists.org/fulldisclosure/2014/Apr/240
- http://seclists.org/fulldisclosure/2014/Apr/242
- http://seclists.org/fulldisclosure/2014/Apr/242
- http://seclists.org/oss-sec/2014/q2/154
- http://seclists.org/oss-sec/2014/q2/154
- http://seclists.org/oss-sec/2014/q2/155
- http://seclists.org/oss-sec/2014/q2/155
- http://www.securityfocus.com/bid/66969
- http://www.securityfocus.com/bid/66969