Nagios NRPE nrpe.c Arbitrary Command Execution

Severity: High (Nessus Plugin ID 66361)

Synopsis

The monitoring service running on the remote host is affected by an arbitrary command execution vulnerability.

Description

The remote host is running a version of Nagios NRPE that contains a flaw: input passed via '$()' is not properly sanitized before it is used to execute plugins.

An unauthenticated, remote attacker could exploit this issue to execute arbitrary commands within the context of the vulnerable application.

Solution

Upgrade to Nagios NRPE 2.14 or later.

See Also

http://www.nessus.org/u?f72b1d9b

Plugin Details

Severity: High

ID: 66361

File Name: nagios_nrpe_2_14.nasl

Version: 1.7

Type: remote

Family: Misc.

Published: 5/9/2013

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:nagios:nagios

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/21/2012

Vulnerability Publication Date: 2/21/2013

Exploitable With

Metasploit (Nagios Remote Plugin Executor Arbitrary Command Execution)

Reference Information

CVE: CVE-2013-1362

BID: 58142