15 matches found
Security fix for the ALT Linux 6 package scponly version 4.8-alt2
July 19, 2009 Ilya Mashkin 4.8-alt2 - fix build with gcc - Add patch to prevent restriction bypass using OpenSSH's scp options -F and -o CVE-2007-6415...
Fedora Update for scponly FEDORA-2008-1728
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for scponly FEDORA-2008-1743
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200802-06 (scponly)
The remote host is missing updates announced in advisory GLSA 200802-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Fedora 7 : scponly-4.6-10.fc7 (2008-1728)
Wed Feb 13 2008 Tomas Hoger - 4.6-10 - Add patch to prevent restriction bypass using OpenSSH's scp options -F and -o CVE-2007-6415, 426072 - Mon Feb 11 2008 Warren Togami - 4.6-9 - rebuild with gcc-4.3 - Tue Dec 11 2007 Toshio Kuratomi - 4.6-8 - Disable rsync support due to security concerns: RH...
Fedora 8 : scponly-4.6-10.fc8 (2008-1743)
Wed Feb 13 2008 Tomas Hoger - 4.6-10 - Add patch to prevent restriction bypass using OpenSSH's scp options -F and -o CVE-2007-6415, 426072 - Mon Feb 11 2008 Warren Togami - 4.6-9 - rebuild with gcc-4.3 - Tue Dec 11 2007 Toshio Kuratomi - 4.6-8 - Disable rsync support due to security concerns: RH...
Security fix for the ALT Linux 6 package scponly version 4.8-alt1
Feb. 5, 2008 Ilya Evseev 4.8-alt1 - Updated to new version 4.8, fixes CVE-2007-6415 problem - Change source URL to SourceForge...
Debian Security Advisory DSA 1473-1 (scponly)
The remote host is missing an update to scponly announced via advisory DSA 1473-1. OpenVAS Vulnerability Test $Id: deb14731.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1473-1 scponly Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1473-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1473-1 : scponly - design flaw
Joachim Breitner discovered that Subversion support in scponly is inherently insecure, allowing execution of arbitrary commands. Further investigation showed that rsync and Unison support suffer from similar issues. This set of issues has been assigned CVE-2007-6350. In addition, it was discovere...
CVE-2007-6415
CVE-2007-6415 affects scponly 4.6 and earlier, enabling remote authenticated users to bypass restrictions and execute arbitrary code via scp as implemented by OpenSSH with the -F and -o options. The vulnerability stems from how these options interact with scponly, allowing code execution under ce...
CVE-2007-6415
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options...
[SECURITY] [DSA 1473-1] New scponly packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1473 [email protected] http://www.debian.org/security/ Florian Weimer January 21, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1473-1] New scponly packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1473 [email protected] http://www.debian.org/security/ Florian Weimer January 21, 2008 http://www.debian.org/security/faq -...
DSA-1473-1 scponly - arbitrary code execution
Bulletin has no description...