RSS   Vulnerabilities for 'Remote plug in executor'   RSS

2020-03-16
 
CVE-2020-6582

CWE-787
 

 
Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.

 
 
CVE-2020-6581

CWE-74
 

 
Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.

 
2013-07-09
 
CVE-2013-1362

CWE-20
 

 
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

 

 >>> Vendor: Nagios 11 Products
Nagios
Plugins
Fusion
Remote plug in executor
Nagstamon
Nagios xi
Remote plugin executor
Nagios core
Incident manager
Log server
Network analyzer


Copyright 2024, cxsecurity.com

 

Back to Top