Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.33 views

GLSA-202007-29 : rssh: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202007-29 rssh: Multiple vulnerabilities Multiple vulnerabilities have been discovered in rssh. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

9.8CVSS8.1AI score0.04869EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2019/12/20 12:0 a.m.48 views

Amazon Linux AMI : rssh (ALAS-2019-1328)

Insufficient sanitation of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. CVE-2019-3464 Insufficient sanitation of arguments...

9.8CVSS8.4AI score0.04869EPSS
Exploits5References4
Amazon
Amazon
added 2019/12/13 12:0 a.m.99 views

Important: rssh

Issue Overview: Insufficient sanitation of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. CVE-2019-3464 Insufficient sanitati...

9.8CVSS9.3AI score0.04869EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.30 views

Fedora 31 : rssh (2019-e47add6b2b)

Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

9.8CVSS8AI score0.04869EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.28 views

Fedora 29 : rssh (2019-bfb407659e)

Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

9.8CVSS8AI score0.04869EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.27 views

Fedora 30 : rssh (2019-d1487c13ac)

Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

9.8CVSS8AI score0.04869EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2019/04/12 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-3946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.04869EPSS
Exploits5References2
OSV
OSV
added 2019/02/06 7:29 p.m.19 views

CVE-2019-3463

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

9.8CVSS9.5AI score
Exploits0References10
CVE
CVE
added 2019/02/06 7:0 p.m.132 views

CVE-2019-3463

CVE-2019-3463 involves insufficient sanitization of arguments passed to rsync, which can bypass rssh restrictions and allow execution of arbitrary shell commands. The issue lies in how rsync arguments are processed, enabling an authorized user to escape intended restrictions of the restricted she...

9.8CVSS9.2AI score0.04869EPSS
Exploits3References10Affected Software1
OSV
OSV
added 2019/02/06 12:0 a.m.3 views

UBUNTU-CVE-2019-3463

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

9.8CVSS7.5AI score0.04869EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2019/02/06 12:0 a.m.72 views

Debian: Security Advisory (DLA-1660-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.04869EPSS
Exploits3References3
Debian
Debian
added 2019/02/05 9:28 p.m.123 views

[SECURITY] [DLA 1660-1] rssh security update

Package : rssh Version : 2.3.4-4+deb8u2 CVE ID : CVE-2019-3463 CVE-2019-3464 More vulnerabilities were found by Nick Cleaton in the rssh code that could lead to arbitrary code execution under certain circumstances. CVE-2019-3463 reject rsync --daemon and --config command-line options; arbitrary...

9.8CVSS7.8AI score0.04869EPSS
Exploits3
Rows per page
Query Builder