Description
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments
Exploits (2)
exploitdb
WORKING POC
by Claudio Viviani · pythonremotemultiple
https://www.exploit-db.com/exploits/34461
exploitdb
WORKING POC
by Dawid Golunski · textremotemultiple
https://www.exploit-db.com/exploits/32925
References (9)
Core 9
Core References
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2014-05/msg00014.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66969
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2014/q2/155
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166528.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2014-05/msg00005.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00011.html
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2014/q2/154
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Apr/240
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Apr/242
Scores
EPSS
0.1857
EPSS Percentile
95.3%
Details
Status
published
Products (4)
nagios/remote_plugin_executor
< 2.15
opensuse/opensuse
11.4
opensuse/opensuse
12.3
opensuse/opensuse
13.1
Published
May 07, 2014
Tracked Since
Feb 18, 2026