Nagios Remote Plugin Executor Arbitrary Command Execution Vulnerability
Publish date: 21 de julio de 2015
Gravedad: High
Fecha recomendada: 21 de julio de 2015
Descripción
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1005490