CVE-2014-2913 : Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (N

Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments

Published 2014-05-07 10:55:07

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2014-2913

Nagios » Remote Plugin Executor
Versions up to, including, (<=) 2.15
cpe:2.3:a:nagios:remote_plugin_executor:*:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 11.4
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 12.3
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 13.1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-2913

EPSS FAQ

16.41%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 94 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-2913

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2014-2913

http://www.securityfocus.com/bid/66969

Nagios Remote Plugin Executor 'nrpe.c' Remote Code Execution Vulnerability
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166528.html

[SECURITY] Fedora 23 Update: nrpe-2.15-7.fc23
http://lists.opensuse.org/opensuse-updates/2014-05/msg00005.html

openSUSE-SU-2014:0594-1: moderate: update for nrpe
http://seclists.org/oss-sec/2014/q2/155

oss-sec: Re: CVE Request: Nagios Remote Plugin Executor <= 2.15 Remote Command Execution
http://seclists.org/fulldisclosure/2014/Apr/240

Full Disclosure: NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution
Exploit
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00011.html

[security-announce] SUSE-SU-2014:0682-1: important: Security update for
http://lists.opensuse.org/opensuse-updates/2014-05/msg00014.html

openSUSE-SU-2014:0603-1: moderate: update for nagios-nrpe
http://seclists.org/oss-sec/2014/q2/154

oss-sec: Re: CVE Request: Nagios Remote Plugin Executor <= 2.15 Remote Command Execution
http://seclists.org/fulldisclosure/2014/Apr/242

Full Disclosure: Re: NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution
Exploit

Jump to

Vulnerability Details : CVE-2014-2913

Products affected by CVE-2014-2913

Exploit prediction scoring system (EPSS) score for CVE-2014-2913

CVSS scores for CVE-2014-2913

References for CVE-2014-2913