Oval Definition:oval:org.opensuse.security:def:20142913
Revision Date:2022-06-30Version:1
Title:CVE-2014-2913
Description:

** DISPUTED ** Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-2913
Mitre CVE-2014-2913
SUSE CVE-2014-2913
openSUSE-SU-2014:0594-1
openSUSE-SU-2014:0594-1
openSUSE-SU-2014:0603-1
openSUSE-SU-2014:0603-1
SUSE-SU-2014:0682-1
SUSE-SU-2014:0682-1
Platform(s):openSUSE 12.3 Update
openSUSE 13.1
openSUSE Tumbleweed
SUSE Linux Enterprise Server 11 SP1 for Teradata
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP3
SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA
SUSE Linux Enterprise Server for VMWare 11 SP3
Product(s):
Definition Synopsis
  • openSUSE 13.1 is installed
  • AND Package Information
  • nagios-plugins-nrpe-2.15-4.1 is installed
  • OR nrpe-2.15-4.1 is installed
  • OR nrpe-doc-2.15-4.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • nagios-nrpe-2.12-24.4.10 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • nagios-nrpe-2.12-24.4.10 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • nagios-nrpe-2.12-24.4.10 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • nagios-nrpe-2.12-24.4.10 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • nagios-nrpe-2.12-24.4.10.1 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10.1 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • nagios-nrpe-2.12-24.4.10.1 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10.1 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3 is installed
  • OR SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND Package Information
  • nagios-nrpe-2.12-24.4.10 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND Package Information
  • nagios-nrpe-2.12-24.4.10 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND Package Information
  • nagios-nrpe-2.12-24.4.10 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • monitoring-plugins-nrpe-4.0.3-3.5 is installed
  • OR nrpe-4.0.3-3.5 is installed
  • OR nrpe-doc-4.0.3-3.5 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • nagios-nrpe-2.12-24.4.10.1 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10.1 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3 is installed
  • AND
  • nagios-nrpe-2.12-24.4.10.1 is installed
  • OR nagios-nrpe-doc-2.12-24.4.10.1 is installed
  • OR nagios-plugins-nrpe-2.12-24.4.10.1 is installed
    • BACK