Search CVE reports
1 – 4 of 4 results
CVE-2020-6582
Low priorityNagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.
1 affected packages
nagios-nrpe
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios-nrpe | Not affected | Not affected | Not affected | Vulnerable | Needs evaluation |
CVE-2020-6581
Low priorityNagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.
1 affected packages
nagios-nrpe
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios-nrpe | Not affected | Not affected | Not affected | Vulnerable | Not affected |
CVE-2014-2913
Low priority** DISPUTED ** Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option...
1 affected packages
nagios-nrpe
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios-nrpe | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2013-1362
Low priorityIncomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
1 affected packages
nagios-nrpe
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios-nrpe | — | — | — | — | Not affected |