Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-1161HistoryJan 10, 2005 - 5:00 a.m.
CVE-2004-1161
2005-01-1005:00:00
Debian Security Bug Tracker
security-tracker.debian.org
7
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | rssh | < 2.3.4-5+deb9u4 | rssh_2.3.4-5+deb9u4_all.deb |
Related
cve
cve
CVE-2004-1161
2005-01-10 05:00:00
ubuntucve
ubuntucve
CVE-2004-1161
2005-01-10 00:00:00
nessus
nessus
openvas
openvas
Gentoo Security Advisory GLSA 200412-01 (scponly)
2008-09-24 00:00:00
FreeBSD Ports: rssh
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200412-01 (scponly)
2008-09-24 00:00:00
gentoo
gentoo
rssh, scponly: Unrestricted command execution
2004-12-03 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for DEBIANCVE:CVE-2004-1161