Lucene search
HistoryJul 14, 2023 - 10:15 p.m.
CVE-2023-38336
cve-2023-38336
command injection
netkit-rcp
rsh-client
filename
subsystem
vulnerability
cve-2006-0225
cve-2019-7283
cve-2020-15778
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.004 Low
EPSS
Percentile
72.5%
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.
Affected configurations
Node
netkitnetkitMatch0.17-24
Related
cvelist
cvelist
prion
prion
Command injection
2023-07-14 22:15:00
Command injection
2006-01-25 11:03:00
Command injection
2020-07-24 14:15:00
cve
cve
ubuntucve
ubuntucve
debiancve
debiancve
nessus
nessus
Mandrake Linux Security Advisory : openssh (MDKSA-2006:034)
2006-02-10 00:00:00
OpenSSH < 4.3 scp Command Line Filename Processing Command Injection
2011-10-04 00:00:00
Ubuntu 4.10 / 5.04 / 5.10 : openssh vulnerability (USN-255-1)
2006-03-13 00:00:00
openvas
openvas
Slackware Advisory SSA:2006-045-06 openssh
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2006-045-06)
2012-09-10 00:00:00
Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
2008-09-24 00:00:00
ubuntu
ubuntu
openssh vulnerability
2006-02-22 00:00:00
ibm
ibm
osv
osv
Moderate: openssh security update
2024-05-22 00:00:00
netkit-rsh - security update
2021-11-19 00:00:00
CVE-2019-25017
2021-02-02 18:15:10
cbl_mariner
cbl_mariner
CVE-2020-15778 affecting package openssh 8.0p1-13
2020-11-30 19:30:42
seebug
seebug
Avaya CMS / IR Solaris scpε½δ»€θ‘shellε½δ»€ζ³¨ε
₯ζΌζ΄
2007-07-10 00:00:00
suse
suse
remote code execution in openssh
2006-02-14 10:41:38
slackware
slackware
[slackware-security] openssh
2006-02-15 00:27:52
redhat
redhat
(RHSA-2006:0044) openssh security update
2006-03-07 12:56:55
(RHSA-2024:3166) Moderate: openssh security update
2024-05-22 06:35:48
(RHSA-2006:0298) openssh security update
2006-07-20 09:25:51
gentoo
gentoo
OpenSSH, Dropbear: Insecure use of system() call
2006-02-20 00:00:00
OpenSSH: Multiple Vulnerabilities
2022-12-28 00:00:00
redhatcve
redhatcve
centos
centos
openssh security update
2006-03-08 00:16:52
openssh security update
2006-07-20 15:13:49
openssh security update
2006-10-02 01:42:56
nvd
nvd
almalinux
almalinux
Moderate: openssh security update
2024-05-22 00:00:00
alpinelinux
alpinelinux
CVE-2020-15778
2020-07-24 14:15:00
githubexploit
githubexploit
Exploit for OS Command Injection in Openbsd Openssh
2020-07-18 05:15:05
Exploit for OS Command Injection in Openbsd Openssh
2021-07-15 01:04:24
f5
f5
vulnrichment
vulnrichment
CVE-2020-15778
2020-07-24 00:00:00
oraclelinux
oraclelinux
openssh security update
2024-05-23 00:00:00
debian
debian
[SECURITY] [DLA 2822-1] netkit-rsh security update
2021-11-18 23:07:16
mageia
mageia
Updated rsh packages fix security vulnerability
2021-11-25 16:06:13
Updated krb5-appl packages fix security vulnerabilities
2021-04-24 01:53:14
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
avleonov
avleonov
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.004 Low
EPSS
Percentile
72.5%
Related for NVD:CVE-2023-38336