Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-1362

Опубликовано: 09 июл. 2013
Источник: nvd
CVSS2: 7.5
EPSS Высокий

Описание

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:nagios:remote_plug_in_executor:*:*:*:*:*:*:*:*
Версия до 2.13 (включая)
cpe:2.3:a:nagios:remote_plug_in_executor:1.3:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:1.4:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:1.5:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:1.6:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:1.7:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:1.8:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:1.9:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.0b1:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.0b2:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.0b3:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.0b4:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.0b5:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.3:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.4:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.5:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.6:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.7:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.8:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.8b1:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.9:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.10:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.11:*:*:*:*:*:*:*
cpe:2.3:a:nagios:remote_plug_in_executor:2.12:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.76437
Высокий

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2013-1362

ubuntu
больше 12 лет назад

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

redhat логотип

CVE-2013-1362

redhat
почти 13 лет назад

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

debian логотип

CVE-2013-1362

debian
больше 12 лет назад

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In ...

github логотип

GHSA-cp28-pf73-xw7v

github
больше 3 лет назад

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

EPSS

Процентиль: 99%
0.76437
Высокий

7.5 High

CVSS2

Дефекты

CWE-20