Hi Paul, Yep, just seen and issue was a badly configured iptables on this VM leaving port 5666 open to the world with "accept args" on in nrpe.cfg for Opsview-agent (their stock one).
So usual human error. Cheers all! On 20 April 2014 21:14, Paul Mansfield <[email protected]> wrote: > looks like you've been hit by the nagios nrpe vulnerability: > http://seclists.org/fulldisclosure/2014/Apr/240 > > basically it's possible to feed NRPE with additional commands because > NRPE doesn't block newlines when it cleans up input. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E [email protected] Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
