Version 3.0.1 (Mileva Marić) Released
Lorenz Kästle, July 1, 2026
The Monitoring Plugins Development Team announces version 3.0.1
of the Monitoring Plugins.
This is a security release which fixes a vulnerability in check_icmp.
This release primarily fixes a potential local privilege escalation
vulnerability in check_icmp.
Due to errors in how memory was managed and number were compared (yay, C!)
it might be possible to execute arbitrary code during the execution
of check_icmp which sometimes is a setuid binary and would therefore
allow executing things with root priviledges.
We thank Christopher Kreft for reporting the problem.
The codename for this relase is "Mileva Marić".
There are some other changes which come with this release:
General changes
- Version 3.0.0 switched to using the library net-snmp in
check_snmpdirectly instead of executingsnmpget(orsnmpgetnext). Unintentionally this made the net-snmp libary a hard build time requirement for all of the plugins. 3.0.1 introduces the autodetection of the net-snmp libaray and will build the other plugins successfully if it is not present. This mimics the pre 3.0.0 behaviour.
Specific changes
check_curl- Populate the DNS cache correctly when using proxies with local hostname resolution The faulty behaviour was introduced during a refactor of the code.
- Some other fixes and small improvements
check_mysql_query- A new option
--queryname(similar tocheck_pgsql) allows to overwrite the query in the ouput, either to hide it or just replace it with something more useful/pleasing check_mysql- Fix incorrect casing of the MariaDB name
You can get the tarball from our download page.