CVE-2013-1362
09.07.2013, 17:55
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.Enginsight
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 11.4 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| nagios | remote_plug_in_executor | 𝑥 ≤ 2.13 |
| nagios | remote_plug_in_executor | 1.3 |
| nagios | remote_plug_in_executor | 1.4 |
| nagios | remote_plug_in_executor | 1.5 |
| nagios | remote_plug_in_executor | 1.6 |
| nagios | remote_plug_in_executor | 1.7 |
| nagios | remote_plug_in_executor | 1.8 |
| nagios | remote_plug_in_executor | 1.9 |
| nagios | remote_plug_in_executor | 2.0 |
| nagios | remote_plug_in_executor | 2.0b1:b1 |
| nagios | remote_plug_in_executor | 2.0b2:b2 |
| nagios | remote_plug_in_executor | 2.0b3:b3 |
| nagios | remote_plug_in_executor | 2.0b4:b4 |
| nagios | remote_plug_in_executor | 2.0b5:b5 |
| nagios | remote_plug_in_executor | 2.3 |
| nagios | remote_plug_in_executor | 2.4 |
| nagios | remote_plug_in_executor | 2.5 |
| nagios | remote_plug_in_executor | 2.5.1 |
| nagios | remote_plug_in_executor | 2.5.2 |
| nagios | remote_plug_in_executor | 2.6 |
| nagios | remote_plug_in_executor | 2.7 |
| nagios | remote_plug_in_executor | 2.7.1 |
| nagios | remote_plug_in_executor | 2.8 |
| nagios | remote_plug_in_executor | 2.8.1 |
| nagios | remote_plug_in_executor | 2.8b1:b1 |
| nagios | remote_plug_in_executor | 2.9 |
| nagios | remote_plug_in_executor | 2.10 |
| nagios | remote_plug_in_executor | 2.11 |
| nagios | remote_plug_in_executor | 2.12 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References