On Sun, 20 Apr 2014, Markus Manzke wrote: > Package: nagios-nrpe-server > Severity: critical > Tags: security > > NRPE fails to check input when a newline-character is issued > > POC has been released and works on debian 7, no CVE assigned yet > > http://seclists.org/fulldisclosure/2014/Apr/240 > http://seclists.org/oss-sec/2014/q2/136 There is a good reason we don't recommend using arguments...
Alex -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
