VA Scan Vulnerability For NRPE 5666 on Windows Servers

[sarfarosh]

Hi Team,
As check_nt is giving physical+page memory. We are using check_nrpe to monitor windows physical memory usage but now we are getting vulnerabilities because of this. Please give some solution as its very critical issue and affecting the business.

[tmcdonald]

NSClient (the agent on your Windows machine) is a third-party agent that can communicate with check_nrpe to run active checks. That is the agent giving you the SSL errors. I looked into their documentation and there are only a few SSL parameters you can configure:

https://docs.nsclient.org/reference/cli ... %20options
https://docs.nsclient.org/reference/cli ... ed-ciphers

but that should remedy most of the issues. The one pertaining to a self-signed certificate is obviously not something we can assist with, as you or your team generated that internally.

There is also a good article on NSClient security by the author here - https://www.medin.name/blog/2012/12/02/ ... ntication/

What NSClient version are you running? Some of those options may or may not be available depending on your version.

To be clear, this report is not saying there is a vulnerability in the software, only that the SSL options supported may be weaker than more recent options.