Vulnerabilities > Nagios > Remote Plug IN Executor
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-16 | CVE-2020-6582 | Incorrect Conversion between Numeric Types vulnerability in multiple products Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call. | 7.5 |
2020-03-16 | CVE-2020-6581 | Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). | 7.3 |
2013-07-09 | CVE-2013-1362 | Improper Input Validation vulnerability in multiple products Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash. | 7.5 |