Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios plugins vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-5198
Buffer overflow in the redir function in check_http.c in Nagios Plugins prior to 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters...
Nagios Plugins
1 EDB exploit
5
CVSSv2
CVE-2007-5623
Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote malicious users to cause a denial of service (crash) via crafted snmpget replies.
Nagios Plugins 1.4.10
4.4
CVSSv2
CVE-2013-4215
The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to gain privileges via a symlink attack on /tmp/ipxping/ipxping.
Nagios Plugins 1.4.16
7.5
CVSSv2
CVE-2020-7206
HP nagios plugin for iLO (nagios-plugins-hpilo v1.50 and previous versions) has a php code injection vulnerability.
Hp Nagios-plugins-hpilo
2.1
CVSSv2
CVE-2014-4703
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
Nagios Nagios 2.0.2
1 EDB exploit
9
CVSSv2
CVE-2020-35578
An issue exists in the Manage Plugins page in Nagios XI prior to 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
Nagios Nagios Xi
1 Metasploit module
2.1
CVSSv2
CVE-2014-4701
The check_dhcp plugin in Nagios Plugins prior to 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.
Nagios Nagios
2.1
CVSSv2
CVE-2014-4702
The check_icmp plugin in Nagios Plugins prior to 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.
Nagios Nagios
9
CVSSv2
CVE-2019-15949
Nagios XI prior to 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is exec...
Nagios Nagios Xi
1 EDB exploit
4 Github repositories
2.1
CVSSv2
CVE-2019-20384
Gentoo Portage up to and including 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners.
Gentoo Portage
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started