Nagios NRPE vulnerabibility Issue

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
johnken
Posts: 1
Joined: Mon Feb 24, 2020 11:19 pm

Nagios NRPE vulnerabibility Issue

Post by johnken »

Around 500 machines is getting vulnerability issue on port 5666 [Nrpe Client]

NRPE Version using on server is 2.13 which is old version I know.

Vulnerability Details.

1.TLS Server Supports TLS version 1.0
2.TLS Server Supports TLS version 1.1
3.TLS/SSL Server is enabling the BEAST attack
4.TLS/SSL Server is enabling the POODLE attack
5.TLS/SSL Server Supports RC4 Cipher Algorithms (CVE-2013-2566)
6.TLS/SSL Server Supports The Use of Static Key Ciphers


Is there any option to fix this without upgrading the NRPE Client ?

Note: I am not using any SSL on Nagios Server and Nagios Client.
Top
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:
Contact scottwilkerson

Re: Nagios NRPE vulnerabibility Issue

Post by scottwilkerson »

johnken wrote: Is there any option to fix this without upgrading the NRPE Client ?
Unfortunately to my knowledge there is no way to eliminate this without an upgrade.
Former Nagios employee
Creator:
Human Design Website
Get Your Human Design Chart
Top
Locked

Return to “Nagios XI”