SUSE SLES12 Security Update : nrpe (SUSE-SU-2024:1417-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1417-1 advisory. - Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor NRPE 2.15 and earlier allows remote attackers to execute...

DEBIAN-CVE-2020-6582

Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call...

Nagios Remote Plugin Executor Arbitrary Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'zlib' class...

Important: nrpe

Issue Overview: DISPUTED Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor NRPE 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/checknrpe. NOTE: this issue is disputed by multiple parties. It ha...

CVE-2014-2913

CVE-2014-2913 affects Nagios NRPE = 3.2.1-3 or disabling the dont_blame_nrpe option as a workaround. Gentoo GLSA, Mageia MGASA, and various Fedora advisories reference CVE-2014-2913 and advocate upgrading NRPE.Remediation: upgrade NRPE to a non-vulnerable version (examples: Fedora/Mageia/Arch gui...

CVE-2014-2913

Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor NRPE 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/checknrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the...

Nagios Remote Plugin Executor 2.15 Remote Command Execution

Nagios Remote Plugin Executor NRPE versions 2.15 and below suffer from a remote command execution vulnerability. ============================================= - Release date: 17.04.2014 - Discovered by: Dawid Golunski - Severity: High ============================================= I. VULNERABILITY...

Nagios Remote Plugin Executor Arbitrary Command Execution

The Nagios Remote Plugin Executor NRPE is installed to allow a central Nagios server to actively poll information from the hosts it monitors. NRPE has a configuration option dontblamenrpe which enables command-line arguments to be provided remote plugins. When this option is enabled, even when NR...

Nagios Remote Plugin Executor - Arbitrary Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'zlib' class Metasploit3 'Nagios Remote Plugin...

Nagios Remote Plugin Executor Arbitrary Command Execution

The Nagios Remote Plugin Executor NRPE is installed to allow a central Nagios server to actively poll information from the hosts it monitors. NRPE has a configuration option dontblamenrpe which enables command-line arguments to be provided remote plugins. When this option is enabled, even when NR...

Nmap NSE net: nrpe-enum

Queries Nagios Remote Plugin Executor NRPE daemons to obtain information such as load averages, process counts, logged in user information, etc. This script attempts to execute the stock list of commands that are enabled. User-supplied arguments are not supported. SYNTAX: nrpe-enum.cmds: A...