Vulnerability Details : CVE-2013-1362
Public exploit exists!
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
Vulnerability category: Input validation
Exploit prediction scoring system (EPSS) score for CVE-2013-1362
Probability of exploitation activity in the next 30 days: 94.16%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 %
Metasploit modules for CVE-2013-1362
- Nagios Remote Plugin Executor Arbitrary Command Execution
  Disclosure Date: 2013-02-21
  First seen: 2020-04-26
  exploit/linux/misc/nagios_nrpe_arguments
  The Nagios Remote Plugin Executor (NRPE) is installed to allow a central Nagios server to actively poll information from the hosts it monitors. NRPE has a configuration option dont_blame_nrpe which enables command-line arguments to be provided to remote plugins. When
CVSS scores for CVE-2013-1362
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST |
CWE ids for CVE-2013-1362
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1362
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00006.html
  [security-announce] openSUSE-SU-2013:0624-1: important: NRPE metacharact
- https://bugzilla.novell.com/show_bug.cgi?id=807241
  Bug 807241 – VUL-0: CVE-2013-1362: nagios / nrpe: blacklist test fails to properly match all potential metacharacters
- http://www.exploit-db.com/exploits/24955
  Nagios Remote Plugin Executor - Arbitrary Command Execution (Metasploit) - Linux remote Exploit
- http://www.occamsec.com/vulnerabilities.html#nagios_metacharacter_vulnerability
- http://seclists.org/bugtraq/2013/Feb/119
  Bugtraq: OSEC-2013-01: nagios metacharacter filtering omission
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00005.html
  [security-announce] openSUSE-SU-2013:0621-1: important: NRPE metacharact
Products affected by CVE-2013-1362
- cpe:2.3:a:nagios:remote_plug_in_executor:*:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.0b1:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.10:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.0b3:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.0b2:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.8b1:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.12:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.11:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.0b5:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:2.0b4:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:nagios:remote_plug_in_executor:1.4:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*