This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The monitoring service running on the remote host is affected by an
arbitrary command execution vulnerability.
The remote host is running a version of Nagios NRPE that contains a
flaw that is triggered when input passed via '$()' is not properly
sanitized before being used to execute plugins.
An unauthenticated, remote attacker could exploit this issue to
execute arbitrary commands within the context of the vulnerable
See also :
Upgrade to Nagios NRPE 2.14 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true
Nessus Plugin ID: 66361 ()
Bugtraq ID: 58142
CVE ID: CVE-2013-1362
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.