Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios plugins vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2007-5198
Buffer overflow in the redir function in check_http.c in Nagios Plugins prior to 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters...
Nagios Plugins
1 EDB exploit
445
VMScore
CVE-2007-5623
Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote malicious users to cause a denial of service (crash) via crafted snmpget replies.
Nagios Plugins 1.4.10
392
VMScore
CVE-2013-4215
The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to gain privileges via a symlink attack on /tmp/ipxping/ipxping.
Nagios Plugins 1.4.16
668
VMScore
CVE-2020-7206
HP nagios plugin for iLO (nagios-plugins-hpilo v1.50 and previous versions) has a php code injection vulnerability.
Hp Nagios-plugins-hpilo
215
VMScore
CVE-2014-4703
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
Nagios Nagios 2.0.2
1 EDB exploit
940
VMScore
CVE-2020-35578
An issue exists in the Manage Plugins page in Nagios XI prior to 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
Nagios Nagios Xi
1 Metasploit module
187
VMScore
CVE-2014-4701
The check_dhcp plugin in Nagios Plugins prior to 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.
Nagios Nagios
187
VMScore
CVE-2014-4702
The check_icmp plugin in Nagios Plugins prior to 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.
Nagios Nagios
906
VMScore
CVE-2019-15949
Nagios XI prior to 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is exec...
Nagios Nagios Xi
1 EDB exploit
4 Github repositories
187
VMScore
CVE-2019-20384
Gentoo Portage up to and including 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners.
Gentoo Portage
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started