11 matches found
Fedora Update for scponly FEDORA-2008-1743
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for scponly FEDORA-2008-1728
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200802-06 (scponly)
The remote host is missing updates announced in advisory GLSA 200802-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Debian Security Advisory DSA 1473-1 (scponly)
The remote host is missing an update to scponly announced via advisory DSA 1473-1. OpenVAS Vulnerability Test $Id: deb14731.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1473-1 scponly Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1473-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1473-1 : scponly - design flaw
Joachim Breitner discovered that Subversion support in scponly is inherently insecure, allowing execution of arbitrary commands. Further investigation showed that rsync and Unison support suffer from similar issues. This set of issues has been assigned CVE-2007-6350. In addition, it was discovere...
[SECURITY] [DSA 1473-1] New scponly packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1473 [email protected] http://www.debian.org/security/ Florian Weimer January 21, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1473-1] New scponly packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1473 [email protected] http://www.debian.org/security/ Florian Weimer January 21, 2008 http://www.debian.org/security/faq -...
DSA-1473-1 scponly - arbitrary code execution
Bulletin has no description...
CVE-2007-6350
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including 1 unison, 2 rsync, 3 svn, and 4 svnserve, as originally demonstrated by creating a Subversion SVN repository with malicious hooks, then using svn ...
CVE-2007-6350
CVE-2007-6350 affects scponly 4.6 and earlier, where remote authenticated users could bypass restrictions and execute code by abusing certain subcommands (unison, rsync, svn, svnserve) via a malicious SVN repository and hooks to trigger execution. Public references show Fedora advisories (2008-17...