Fix for NRPE <= 2.15 Remote Command Execution

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
poerschke
Posts: 1
Joined: Wed Jul 23, 2014 10:50 am

Fix for NRPE <= 2.15 Remote Command Execution

Post by poerschke »

Hello,

I wrote a fix for the NRPE 2.13 that I use in my environment and would like to share with you the fix that adopted here.
I think the fix is to extend the other versions of NRPE without any problems.

vulnerable code

Code: Select all

...
     if(contains_nasty_metachars(pkt->buffer)==TRUE){
          syslog(LOG_ERR,"Error: Request contained illegal metachars!");
          return ERROR;
             }
...


Fixed code

Code: Select all

const char newline[] = "\n";
...
/* test if buffer contains newline character */
int check_new_line(char *str){
     if(strpbrk(str, newline))
          return TRUE;
     return FALSE;
     }
...
     if(contains_nasty_metachars(pkt->buffer)==TRUE || check_new_line(pkt->buffer) == TRUE){
          syslog(LOG_ERR,"Error: Request contained illegal metachars!");
          return ERROR;
             }
...
Locked