File nagios-nrpe-CVE-2013-1362.patch of Package nagios-nrpe.openSUSE_12.1_Update

Index: nrpe-2.12/src/nrpe.c
===================================================================
--- nrpe-2.12.orig/src/nrpe.c
+++ nrpe-2.12/src/nrpe.c
@@ -1835,6 +1835,10 @@ int validate_request(packet *pkt){
 				syslog(LOG_ERR,"Error: Request contained an empty command argument");
 				return ERROR;
 		                }
+			if(strstr(macro_argv[x],"$(")) {
+				syslog(LOG_ERR,"Error: Request contained a bash command substitution!");
+				return ERROR;
+					}
 		        }
 	        }
 #endif

Places

File nagios-nrpe-CVE-2013-1362.patch of Package nagios-nrpe.openSUSE_12.1_Update

Places