Nagios NRPE Command Argument Processing Enabled

high Nessus Plugin ID 73757

Synopsis

The monitoring service running on the remote host may be affected by an arbitrary command execution vulnerability.

Description

The version of Nagios Remote Plugin Executor (NRPE) running on the remote host has command argument processing enabled and accepts the newline character. An unauthenticated, remote attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application by appending those commands via a newline character in the '-a' option to libexec/check_nrpe.

Solution

Disable command argument processing in the NRPE configuration.

See Also

http://legalhackers.com/advisories/nagios-nrpe.txt

http://www.nessus.org/u?addc2ef6

Plugin Details

Severity: High

ID: 73757

File Name: nagios_nrpe_command_argument_processing.nasl

Version: 1.7

Type: remote

Family: Misc.

Published: 4/29/2014

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:nagios:nagios

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 4/17/2014

Reference Information

CVE: CVE-2014-2913

BID: 66969