Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

NRPE service VULNERABILITY

https://support.nagios.com/forum/viewtopic.php?t=30484

Page 1 of 1

NRPE service VULNERABILITY

Posted: Wed Dec 10, 2014 9:46 am
by reincarne
Hi,
Following the info here: http://legalhackers.com/advisories/nagios-nrpe.txt
Is is still possible? If yes - is there a good way to protect from this vulnerability?

Re: NRPE service VULNERABILITY

Posted: Wed Dec 10, 2014 10:33 am
by sreinhardt
Yes technically this vulnerability is still possible to exploit. As the disclosure states for solutions, the easiest and clearest option to stop this, is to disable arguments from nrpe. We realize this isn't always an ideal option, so using ip restrictions such as nrpe's allowed hosts, iptables, and xinetd. Encrypting the connection is also of course suggested. We have been discussing changes to this behavior, but a proper fix and not simply a bandaid is really required, and going to need some time.

Re: NRPE service VULNERABILITY

Posted: Wed Dec 10, 2014 3:05 pm
by reincarne
OK thanks :)

Re: NRPE service VULNERABILITY

Posted: Wed Dec 10, 2014 3:07 pm
by sreinhardt
You're welcome, going to lock this up.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited