CVE-2013-1362

Published: Jul 9, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.novell.com/show_bug.cgi?id=807241

x_refsource_CONFIRM

20130221 OSEC-2013-01: nagios metacharacter filtering omission

mailing-list

x_refsource_BUGTRAQ

openSUSE-SU-2013:0624

vendor-advisory

x_refsource_SUSE

24955

exploit

x_refsource_EXPLOIT-DB

http://www.occamsec.com/vulnerabilities.html#nagios_metacharacter_vulnerability

x_refsource_MISC

openSUSE-SU-2013:0621

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-1362

Description

Affected Products

References