454 matches found
CVE-2012-3410
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...
Stack overflow
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...
CVE-2012-3410
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...
CVE-2012-3410
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...
CVE-2012-3410
CVE-2012-3410 describes a stack-based buffer overflow in GNU Bash (lib/sh/eaccess.c) that occurs when expanding the /dev/fd prefix. Before Bash 4.2 patch 33, a long filename in /dev/fd could allow local users to bypass intended restricted shell access. The vulnerability’s impact is described as a...
Debian DSA-2530-1 : rssh - shell command injection
Henrik Erkkonen discovered that rssh, a restricted shell for SSH, does not properly restrict shell access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2530. The text itself is copyrigh...
[SECURITY] Fedora 13 Update: rssh-2.3.3-1.fc13
rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that. It is a alternative to scponly...
[SECURITY] Fedora 14 Update: rssh-2.3.3-1.fc14
rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that. It is a alternative to scponly...
[SECURITY] Fedora 15 Update: rssh-2.3.3-1.fc15
rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that. It is a alternative to scponly...
CVE-2009-4644
Accellion Secure File Transfer Appliance before 80105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program...
Design/Logic Flaw
Accellion Secure File Transfer Appliance before 80105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program...
CVE-2009-4644
The CVE-2009-4644 issue affects the Accellion Secure File Transfer Appliance, specifically versions prior to 8_0_105. It allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands by injecting shell metacharacters via the cli program (demonstrated wit...
CVE-2009-4644
Accellion Secure File Transfer Appliance before 80105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program...
Debian Security Advisory DSA 1109-1 (rssh)
The remote host is missing an update to rssh announced via advisory DSA 1109-1. Russ Allbery discovered that rssh, a restricted shell, performs insufficient checking of incoming commands, which might lead to a bypass of access restrictions. OpenVAS Vulnerability Test $Id: deb11091.nasl 6616...
Debian DSA-1109-1 : rssh - programming error
Russ Allbery discovered that rssh, a restricted shell, performs insufficient checking of incoming commands, which might lead to a bypass of access restrictions. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
DSA-1109 rssh - programming error
Bulletin has no description...
rssh: Privilege escalation
Background rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users. Description Max Vozeler discovered that the rsshchroothelper command allows local users to chroot into arbitrary directories. Impac...
Operator Shell (osh) 1.7-14 Local Root Exploit
No description provided by source. !/bin/sh OSH 1.7-14 Exploit EDUCATIONAL purposes only.... :- by Charles Stevenson core [email protected] Description: The Operator Shell Osh is a setuid root, security enhanced, restricted shell. It allows the administrator to carefully limit the access of special...
osh restricted shell buffer overflow
Buffer overflow during command parsing...
[Full-disclosure] Operator Shell (osh) Stack-based Buffer Overflow
!/usr/bin/perl OSH 1.7 Exploit 2 Gonna bang away at this until it's removed ;- EDUCATIONAL purposes only.... :- by Charles Stevenson core [email protected] Description: The Operator Shell Osh is a setuid root, security enhanced, restricted shell. It allows the administrator to carefully limit the...