Nagios : Security Vulnerabilities, CVEs, Published In 2013
CVE-2013-1362
Public exploit
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
Max CVSS
7.5
EPSS Score
94.16%
Published
2013-07-09
Updated
2018-10-30
CVE-2012-6096
Public exploit
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.
Max CVSS
7.5
EPSS Score
96.79%
Published
2013-01-22
Updated
2013-06-05
2 vulnerabilities found