9 matches found
Fedora 18 : rssh-2.3.4-1.fc18 (2012-20111)
Update to 2.3.4 and fix CVE-2012-2251 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
CVE-2012-2251
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a 1 "-e" or 2 "--" command line option...
CVE-2012-2251
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a 1 "-e" or 2 "--" command line option...
CVE-2012-2251
CVE-2012-2251 affects rssh 2.3.2 (used by Debian, Fedora and others) where, with rsync enabled, local users can bypass restricted shell via the "-e" or "--" options. The issue, per sources, yields partial confidentiality/integrity/availability impact. Fedora addressed this with rssh 2.3.4-1.fc18 ...
CVE-2012-2251
Removed by vendor...
Fedora 17 : rssh-2.3.4-1.fc17 (2012-20109)
Update to 2.3.4 and fix CVE-2012-2251 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Debian DSA-2578-1 : rssh - insufficient filtering of rsync command line
James Clawson discovered that rssh, a restricted shell for OpenSSH to be used with scp, sftp, rdist and cvs, was not correctly filtering command line options. This could be used to force the execution of a remote script and thus allow arbitrary command execution. Two CVE were assigned : -...
DSA-2578-1 rssh - several
Bulletin has no description...
[SECURITY] [DSA 2578-1] rssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2578-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez November 28, 2012 http://www.debian.org/security/faq -...