NoMachine for Everybody

NoMachine for your OS

NoMachine Network

What Network Subscription

NoMachine for the Enterprise

NoMachine Enterprise Desktop Products

NoMachine Enterprise Desktop

NoMachine Terminal Server Products

NoMachine Workstation

NoMachine Small Business Terminal Server

NoMachine Terminal Server

NoMachine Enterprise Terminal Server

NoMachine Enterprise Terminal Server Cluster

NoMachine Cloud Server Products

NoMachine Workgroup Cloud Server

NoMachine Cloud Server

NoMachine Enterprise Cloud Server

NoMachine Enterprise Cloud Server Cluster

NoMachine Enterprise Support

NoMachine Premium Support

NoMachine Mission Support

Download NoMachine

NoMachine for Windows

NoMachine for Mac

NoMachine for Linux

NoMachine for iOS

NoMachine for Android

NoMachine for Chrome OS

NoMachine for Raspberry

NoMachine for ARM

Download NoMachine Enterprise Products

NoMachine User Area

Technology Partners

Access Partners

Premium Partners

Become a Partner

Buy from NoMachine

NoMachine Network

NoMachine Enterprise

Documents and Tutorials

Frequently Asked Questions

Report an Issue

Latest News

Stay up-to-date with press releases and software updates


NX Server nxconfigure.sh Command Injection

2011-08-05	by: Silvia Regis

Rome, Italy, August 5, 2011 - A bug has been found in the nxconfigure.sh script, the SUIDed script used by NX Server Manager to handle the server configuration. This script could be executed by any user from the command line to execute arbitray commands on the system. A workaround has been provided in the Trouble Report we have opened as severity "Critical": http://www.nomachine.com/tr/view.php?id=TR08I02575 Due to the possible command injection vulnerability arising from this problem, it is strongly advised to upgrade the NX Server and NX Node installations to the following versions: NX Node 3.5.0-4 and NX Server 3.5.0-5. The NoMachine Security Team

Follow Us

Copyright 2002-2025, NoMachine S.à r.l. - VAT LU25935711 - NoMachine Privacy Policy