361 matches found
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
Nagios Remote Plugin Executor Arbitrary Command Execution (CVE-2013-1362)
A command execution vulnerability has been reported in Nagios Remote Plugin Executor...
Important: nrpe
Issue Overview: Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash. Affected Packages: nrpe Issue Correction: Run yum update nrpe...
Nagios Remote Plugin Executor Metacharacter Filtering Omission
Added: 05/13/2013 CVE: CVE-2013-1362 BID: 58142 OSVDB: 90582 Background Nagios is a network host and service monitoring and management system. Nagios Remote Plugin Executor NRPE is an addon for Nagios that allows remote execution of Nagios plugins on other Linux/Unix machines. Problem Nagios Remo...
Nagios Remote Plugin Executor Metacharacter Filtering Omission
Added: 05/13/2013 CVE: CVE-2013-1362 BID: 58142 OSVDB: 90582 Background Nagios is a network host and service monitoring and management system. Nagios Remote Plugin Executor NRPE is an addon for Nagios that allows remote execution of Nagios plugins on other Linux/Unix machines. Problem Nagios Remo...
Nagios Remote Plugin Executor Metacharacter Filtering Omission
Added: 05/13/2013 CVE: CVE-2013-1362 BID: 58142 OSVDB: 90582 Background Nagios is a network host and service monitoring and management system. Nagios Remote Plugin Executor NRPE is an addon for Nagios that allows remote execution of Nagios plugins on other Linux/Unix machines. Problem Nagios Remo...
Nagios NRPE Plugin Detect
The Nagios Remote Plugin Executor NRPE was detected on the remote host. This application allows a user to execute Nagios plugins and monitor remote machines. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66360; scriptversion"1.5";...
Nagios Remote Plugin Executor Arbitrary Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'zlib' class Metasploit3 'Nagios Remote Plugin...
Nagios Remote Plugin Executor - Arbitrary Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'zlib' class Metasploit3 'Nagios Remote Plugin...
Nagios Remote Plugin Executor Arbitrary Command Execution
The Nagios Remote Plugin Executor NRPE is installed to allow a central Nagios server to actively poll information from the hosts it monitors. NRPE has a configuration option dontblamenrpe which enables command-line arguments to be provided remote plugins. When this option is enabled, even when NR...
NRPE metacharacter filtering omission (important)
NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...
Nagios Remote Plugin Executor Arbitrary Command Execution
The Nagios Remote Plugin Executor NRPE is installed to allow a central Nagios server to actively poll information from the hosts it monitors. NRPE has a configuration option dontblamenrpe which enables command-line arguments to be provided remote plugins. When this option is enabled, even when NR...
Sandcat Browser 2.0 Released - Penetration Testing Oriented Browser
Sandcat Browser 2.0 Released, Penetration Testing Oriented Browser Sandcat Browser version 2.0 includes several user interface and experience improvements, an improved extension system, RudraScript support and new extensions. What is Sandcat Browser? The fastest web browser combined with the...
Sandcat Browser - Penetration Testing Oriented Browser
Penetration Testing Oriented Browser - Sandcat Browser The fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team,...
Nmap NSE net: nrpe-enum
Queries Nagios Remote Plugin Executor NRPE daemons to obtain information such as load averages, process counts, logged in user information, etc. This script attempts to execute the stock list of commands that are enabled. User-supplied arguments are not supported. SYNTAX: nrpe-enum.cmds: A...
PHP Executor Deep Recursion Stack Overflow
PMASA-2007-3 Announcement-ID: PMASA-2007-3 Date: 2007-03-02 Summary PHP Executor Deep Recursion Stack Overflow Description Stefan Esser from the Hardened-PHP Project is publishing the Month of PHP Bugs. One of these PHP bugs can be triggered by phpMyAdmin which uses a recursive function in its...
PHP 4/5 - Executor Deep Recursion Remote Denial of Service
source: https://www.securityfocus.com/bid/22766/info PHP is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. An attacker with permissions to execute PHP code on an affected computer may exploit this issue to crash PHP and kill all remaining...