Download
| Alert*
oval:org.secpod.oval:def:400525
NRPE allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute arbitrary commands under the uid tha ... oval:org.secpod.oval:def:400523 NRPE allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute arbitrary commands under the uid tha ... oval:org.secpod.oval:def:104982 Nrpe is a system daemon that will execute various Nagios plugins locally on behalf of a remote host that uses the check_nrpe plugin oval:org.secpod.oval:def:104990 Nrpe is a system daemon that will execute various Nagios plugins locally on behalf of a remote host that uses the check_nrpe plugin oval:org.secpod.oval:def:1600265 Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash. oval:org.secpod.oval:def:1300264 A vulnerability has been discovered and corrected in nrpe: Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor before 2.14 might allow remote attackers to execute arbitrary shell commands via $ shell metacharacters, which are processed by bash . The updated packages have ... |