SUSE SLES12 Security Update : nrpe (SUSE-SU-2024:1417-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1417-1 advisory. - Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor NRPE 2.15 and earlier allows remote attackers to execute...

SUSE-SU-2024:1417-1 Security update for nrpe

This update for nrpe fixes the following issues: CVE-2014-2913: Fixed remote command execution when command arguments are enabled bsc1118590,bsc874743...

Mageia: Security Advisory (MGASA-2014-0217)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:0682-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in NRPE affects PowerKVM (CVE-2014-2913)

Summary PowerKVM is affected by a vulnerability in the Nagios Remote Plugin Executor NRPE. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2014-2913 DESCRIPTION: Nagios Remote Plugin Executor NRPE could allow a remote attacker to execute arbitrary code on the system,...

[ASA-201801-14] nrpe: arbitrary command execution

Arch Linux Security Advisory ASA-201801-14 ========================================== Severity: High Date : 2018-01-18 CVE-ID : CVE-2013-1362 CVE-2014-2913 Package : nrpe Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-587 Summary ======= The package nrpe...

SUSE: Security Advisory for nagios-nrpe (SUSE-SU-2014:0682-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 19 : nrpe-2.15-2.fc19 (2014-5896)

Add patch to mitigate CVE-2014-2913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

Fedora 20 : nrpe-2.15-2.fc20 (2014-5897)

Add patch to mitigate CVE-2014-2913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

Fedora Update for nrpe FEDORA-2014-5897

Check the version of nrpe SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868498";...

NRPE 2.15 - Remote Code Execution Vulnerability

NRPE version 2.15 remote command execution exploit written in Python. !/usr/bin/python Exploit Title : NRPE http://www.abcompcons.com/files/nrpeclient.py pyOpenSSL Library required http://pyopenssl.sourceforge.net/ email protected pip-python install pyOpenSSL NRPE = 2.15 Remote Command Execution...

GLSA-201408-18 : NRPE: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201408-18 NRPE: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in NRPE. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can utilize multiple vectors to execute...

NRPE 2.15 - Remote Code Execution

!/usr/bin/python Exploit Title : NRPE http://www.abcompcons.com/files/nrpeclient.py pyOpenSSL Library required http://pyopenssl.sourceforge.net/ root@localhost pip-python install pyOpenSSL NRPE = 2.15 Remote Command Execution Vulnerability Release date: 17.04.2014 Discovered by: Dawid Golunski...

NRPE 2.15 Remote Command Execution

!/usr/bin/python Exploit Title : NRPE http://www.abcompcons.com/files/nrpeclient.py pyOpenSSL Library required http://pyopenssl.sourceforge.net/ root@localhost pip-python install pyOpenSSL NRPE = 2.15 Remote Command Execution Vulnerability Release date: 17.04.2014 Discovered by: Dawid Golunski...

Important: nrpe

Issue Overview: DISPUTED Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor NRPE 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/checknrpe. NOTE: this issue is disputed by multiple parties. It ha...

openSUSE Security Update : nrpe (openSUSE-SU-2014:0594-1)

This nrpe update fixes the following security documentation problem. - bnc874743: Documented a possible command injection when command arguments are enabled CVE-2014-2913. More details can be found inside the documentation of this package. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

SuSE 11.3 Security Update : nagios-nrpe, nagios-nrpe-debuginfo, nagios-nrpe-debugsource, etc (SAT Patch Number 9204)

nagios-nrpe has been updated to prevent possible remote command execution when command arguments are enabled. This issue affects versions 2.15 and older. Further information is available at http://seclists.org/fulldisclosure/2014/Apr/240 These security issues have been fixed : - Remote command...

Updated nrpe packages fix CVE-2014-2913

Updated nrpe packages fix security vulnerability: A remote, command execution flaw was discovered in Nagios NRPE when command arguments are enabled. A remote attacker could use this flaw to execute arbitrary commands CVE-2014-2913...

MGASA-2014-0217 Updated nrpe packages fix CVE-2014-2913

Updated nrpe packages fix security vulnerability: A remote, command execution flaw was discovered in Nagios NRPE when command arguments are enabled. A remote attacker could use this flaw to execute arbitrary commands CVE-2014-2913...

CVE-2014-2913

Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor NRPE 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/checknrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the...