CVE-2014-2913

Severity: High
Remote: Yes
Type: Arbitrary command execution
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe.
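
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-587 | nrpe | 3.2.1-2 | 3.2.1-3 | High | Fixed | FS#57120 |

| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 18 Jan 2018 | ASA-201801-14 | AVG-587 | nrpe | High | arbitrary command execution |
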
This issue can only occur when nrpe is compiled with --enable-command-args and the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments.

Test Exploit:
./check_nrpe -n -H  -c check_users -a "`echo -e "\x0a touch /tmp/vulntest "` #" 4
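
The incomplete-blacklist flaw described above, as an added C example that is not taken from this page or from nrpe.c: the blacklist contents, function names and sample arguments are assumptions constructed for illustration. It contrasts a metacharacter check that omits line terminators with one that includes them, and with an allowlist.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative metacharacter blacklist with no line terminators: the
 * class of check the CVE description calls an "incomplete blacklist".
 * Constructed for this example, not copied from nrpe.c. */
#define WEAK_BLACKLIST "|`&><'\"\\[]{};"

/* Same list with CR and LF added, so a value cannot start a new shell line. */
#define FIXED_BLACKLIST WEAK_BLACKLIST "\r\n"

/* Return 1 if arg contains any byte listed in blacklist, else 0. */
static int has_listed_char(const char *arg, const char *blacklist)
{
    return arg[strcspn(arg, blacklist)] != '\0';
}

int weak_check_rejects(const char *arg)  { return has_listed_char(arg, WEAK_BLACKLIST); }
int fixed_check_rejects(const char *arg) { return has_listed_char(arg, FIXED_BLACKLIST); }

/* Stricter alternative: an allowlist. Accept only non-empty values made of
 * characters a plugin threshold or host name plausibly needs (assumed set). */
int allowlist_accepts(const char *arg)
{
    static const char ok[] =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._:,%/-";
    return arg[0] != '\0' && arg[strspn(arg, ok)] == '\0';
}

int main(void)
{
    /* Constructed sample arguments; the second carries an embedded LF. */
    const char *samples[] = { "5", "5\nsecond line", "10;id", "80%" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("arg %zu: weak=%d fixed=%d allowlist=%d\n", i,
               weak_check_rejects(samples[i]),
               fixed_check_rejects(samples[i]),
               allowlist_accepts(samples[i]));
    return 0;
}
```

The weak check rejects `;` but passes the value with an embedded line feed, which is the gap the CVE description names; the allowlist rejects both without having to enumerate every dangerous byte.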