CVE-2013-1362

描述

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

受影響套件(1)

• Debian/nagios-nrpefrom 0, < 2.13-3

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1362