The vulnerability of the “rsync” implementation in the rssh command interface allows a hacker to execute arbitrary commands on the rssh interface.

The vulnerability of the “rsync” command in the rssh command interface is related to insufficient cleaning of the arguments passed to the command. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the rssh interface...

Digi TransPort LR54 Restricted Shell Escape Vulnerability

Digi TransPort LR54 suffers from a restricted shell bypass vulnerability that gets a root shell. CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape =========================================================== The Digi TransPort LR54 is a high speed LTE router commonly used by industry,...

ALPINE-CVE-2019-3463

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

EUVD-2019-13103

Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

EUVD-2019-13102

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

UBUNTU-CVE-2019-3463

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

UBUNTU-CVE-2019-3464

Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

[SECURITY] [DSA 4382-1] rssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4382-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 02, 2019 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-4382-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerability in bash affects IBM Chassis Management Module (CVE-2016-9401)

Summary IBM Chassis Management Module has addressed the following vulnerability in bash. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerability in bash. Vulnerability Details: CVEID: CVE-2016-9401 Description: GNU Bash could allow a local attacker to...

[SECURITY] [DLA 1650-1] rssh security update

Package : rssh Version : 2.3.4-4+deb8u1 CVE ID : CVE-2019-1000018 Debian Bug : 919623 The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve Subversion, rdist and/or rsync operations. Missing validation in the scp...

[SECURITY] [DSA 4377-1] rssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4377-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 30, 2019 https://www.debian.org/security/faq -...

Brocade Fabric OS Elevation of Privilege Vulnerability (CNVD-2019-05926)

Brocade Fabric OS FOS is a set of embedded operating systems used in devices such as switches and routers from Brocade Communications Systems Brocade in the United States. A security vulnerability exists in the configdownload command of the command line interface in Brocade FOS. A local attacker...

CVE-2018-6439

A Vulnerability in the configdownload command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

Security feature bypass

A Vulnerability in the configdownload command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

CVE-2018-6439

A Vulnerability in the configdownload command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

CVE-2018-6438

A Vulnerability in the supportsave command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

CVE-2018-6438

A Vulnerability in the supportsave command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

CVE-2018-6437

A Vulnerability in the help command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

CVE-2018-6437

A Vulnerability in the help command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...