Re: [Nagios-devel] Addressing security vulnerabilities


On 11/28/2012 03:46 PM, Rudolph Pereira wrote:
> Yes, I have tested this - we were able to compromise a host at a
> client using this.
>
> I think use of execve() would be fine, though wasn't sure if the loss
> of variable expansion would be acceptable.
>

Shell variables have never been officially supported in NRPE, so it's
not a huge issue. I'm not the NRPE maintainer, but I imagine that a
patch of some sort that resolves a potential remote-shell exploit would
be welcome. Once you have it and have contacted Eric Stanley and gotten
some sort of response out of him, a CVE id should be procured. I can do
that if you're unfamiliar with the process (which is really simple).

If so, send me the info you've got in as brief a format as possible, with
an extended explanation and description of how to exploit it, and I'll
make sure it gets posted to the right places.

Thanks.

--
Andreas Ericsson andreas.ericsson@op5.se
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231

Considering the successes of the wars on alcohol, poverty, drugs and
terror, I think we should give some serious thought to declaring war
on peace.





This post was automatically imported from historical nagios-devel mailing list archives
Original poster: ae@op5.se