NRPE service VULNERABILITY

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
reincarne
Posts: 146
Joined: Wed Jun 26, 2013 4:39 am

NRPE service VULNERABILITY

Post by reincarne »

Hi,
Following the info here: http://legalhackers.com/advisories/nagios-nrpe.txt
Is is still possible? If yes - is there a good way to protect from this vulnerability?
Top
sreinhardt
-fno-stack-protector
Posts: 4366
Joined: Mon Nov 19, 2012 12:10 pm

Re: NRPE service VULNERABILITY

Post by sreinhardt »

Yes technically this vulnerability is still possible to exploit. As the disclosure states for solutions, the easiest and clearest option to stop this, is to disable arguments from nrpe. We realize this isn't always an ideal option, so using ip restrictions such as nrpe's allowed hosts, iptables, and xinetd. Encrypting the connection is also of course suggested. We have been discussing changes to this behavior, but a proper fix and not simply a bandaid is really required, and going to need some time.
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Top
reincarne
Posts: 146
Joined: Wed Jun 26, 2013 4:39 am

Re: NRPE service VULNERABILITY

Post by reincarne »

OK thanks :)
Top
sreinhardt
-fno-stack-protector
Posts: 4366
Joined: Mon Nov 19, 2012 12:10 pm

Re: NRPE service VULNERABILITY

Post by sreinhardt »

You're welcome, going to lock this up.
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Top
Locked

Return to “Nagios XI”