| Reporter | Title | Published | Views |
|---|---|---|---|
| zdt | Nagios Remote Plugin Executor Arbitrary Command Execution | 12 Apr 2013 00:00 | – |
| amazon | Important: nrpe | 20 Jun 2013 00:00 | – |
| nessus | Amazon Linux AMI : nrpe (ALAS-2013-203) | 4 Sep 2013 00:00 | – |
| nessus | Fedora 19 : nrpe-2.14-3.fc19 (2013-9829) | 12 Jul 2013 00:00 | – |
| nessus | Fedora 17 : nrpe-2.14-3.fc17 (2013-9836) | 12 Jul 2013 00:00 | – |
| nessus | Fedora 18 : nrpe-2.14-3.fc18 (2013-9848) | 12 Jul 2013 00:00 | – |
| nessus | GLSA-201408-18 : NRPE: Multiple Vulnerabilities | 30 Aug 2014 00:00 | – |
| nessus | Nagios NRPE nrpe.c Arbitrary Command Execution | 9 May 2013 00:00 | – |
| nessus | openSUSE Security Update : nagios-nrpe (openSUSE-SU-2013:0621-1) | 13 Jun 2014 00:00 | – |
| nessus | SuSE 11.2 / 11.3 Security Update : nagios-nrpe, nagios-plugins-nrpe (SAT Patch Numbers 8032 / 8033) | 19 Jul 2013 00:00 | – |

```
Summary:
---------------
CVE-ID: CVE-2013-1362
CVSS: Base Score 7.5
CVSS2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:UC/CDP:N/TD:N/CR:L/IR:L/AR:L
Vendor: Nagios
Affected Products: NRPE
Affected Platforms: All
Affected versions: < 2.14
Remote Exploitable: Yes
Local Exploitable: No
Patch Status: Vendor released a patch (See Solution)
URL: http://www.occamsec.com/vulnerabilities.html#nagios_metacharacter_vulnerability

Description
----------------
nrpe 2.13 has, in src/nrpe.c, line 52:
#define NASTY_METACHARS "|`&><'\"\\[]{};"
This allows the passing of $() to plugins/scripts which, if run under
bash, will execute that shell command under a subprocess and pass the
output as a parameter to the called script. Using this, it is possible
to get called scripts, such as check_http, to execute arbitrary
commands under the uid that NRPE/nagios is running as (typically,
'nagios').

Solution
------------
Upgrade to NRPE 2.14 or later, available at
http://sourceforge.net/projects/nagios/files/nrpe-2.x/
```
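
The filter gap described in the advisory, as an added C example (not NRPE's own code and not the 2.14 patch). The `NASTY_METACHARS` string is the one quoted above; `blacklist_rejects`, `allowlist_rejects`, `count_gaps` and the sample arguments are hypothetical names and constructed values used only for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Blacklist exactly as quoted in the advisory for NRPE 2.13. */
#define NASTY_METACHARS "|`&><'\"\\[]{};"

/* Returns 1 when the 2.13-style blacklist would reject the argument. */
int blacklist_rejects(const char *arg)
{
    return strpbrk(arg, NASTY_METACHARS) != NULL;
}

/* Hypothetical stricter check (an assumption, not the 2.14 patch): accept
 * only allowlisted characters, so '$', '(' and ')' are refused as well. */
int allowlist_rejects(const char *arg)
{
    static const char allowed[] =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._:/-";
    return arg[strspn(arg, allowed)] != '\0';
}

/* Counts arguments the blacklist passes but the allowlist refuses. */
int count_gaps(const char *const *args, size_t n)
{
    int gaps = 0;
    for (size_t i = 0; i < n; i++)
        if (!blacklist_rejects(args[i]) && allowlist_rejects(args[i]))
            gaps++;
    return gaps;
}

/* Constructed sample arguments, not taken from the advisory. */
static const char *const SAMPLES[] = {
    "www.example.org",       /* plain hostname */
    "host`placeholder`",     /* backtick: on the blacklist */
    "host;placeholder",      /* semicolon: on the blacklist */
    "host$(placeholder)",    /* $( ): absent from the blacklist */
};

int main(void)
{
    size_t n = sizeof SAMPLES / sizeof SAMPLES[0];
    for (size_t i = 0; i < n; i++)
        printf("%-20s blacklist=%s allowlist=%s\n", SAMPLES[i],
               blacklist_rejects(SAMPLES[i]) ? "reject" : "pass",
               allowlist_rejects(SAMPLES[i]) ? "reject" : "pass");
    printf("gaps: %d\n", count_gaps(SAMPLES, n));
    return 0;
}
```

The only sample that passes the blacklist yet fails the allowlist is the one carrying `$()`, which is the case the advisory reports.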