Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-1362

Опубликовано: 21 фев. 2013
Источник: redhat
CVSS2: 7.5
EPSS Высокий

Описание

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenStack Platform 2.1nrpeAffected
Red Hat OpenStack Platform 3nrpeAffected
Red Hat OpenStack Platform 4nrpeAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-78
https://bugzilla.redhat.com/show_bug.cgi?id=916947NRPE: nagios metacharacter filtering omission

EPSS

Процентиль: 99%
0.76437
Высокий

7.5 High

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-1362

ubuntu
больше 12 лет назад

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

nvd логотип

CVE-2013-1362

nvd
больше 12 лет назад

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

debian логотип

CVE-2013-1362

debian
больше 12 лет назад

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In ...

github логотип

GHSA-cp28-pf73-xw7v

github
больше 3 лет назад

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

EPSS

Процентиль: 99%
0.76437
Высокий

7.5 High

CVSS2