Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Remote Plug In Executor Security Vulnerabilities - February

cve
cve

CVE-2013-1362

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

7.4AI Score

0.933EPSS

2013-07-09 05:55 PM
126
cve
cve

CVE-2020-6581

Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.

7.3CVSS

7.4AI Score

0.001EPSS

2020-03-16 06:15 PM
68
cve
cve

CVE-2020-6582

Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.

7.5CVSS

7.3AI Score

0.004EPSS

2020-03-16 06:15 PM
69