Security fix for the ALT Linux 8 package rssh version 2.3.4-alt2

2.3.4-alt2 built July 4, 2016 Alexey Shabalin in task 166654 --- July 1, 2016 Alexey Shabalin - really update sources to 2.3.4 fixes CVE-2012-3478 and CVE-2012-2252 - add patch for rsync3 compat...

GLSA-201311-19 : rssh: Access restriction bypass

The remote host is affected by the vulnerability described in GLSA-201311-19 rssh: Access restriction bypass Multiple command line parsing and validation vulnerabilities have been discovered in rssh. Please review the CVE identifiers referenced below for details. Impact : Multiple parsing and...

Fedora 17 : rssh-2.3.4-1.fc17 (2012-20109)

Update to 2.3.4 and fix CVE-2012-2251 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

Re: rssh security announcement

All, Today I released rssh-2.3.4, which fixes an old issue, and a new issue: On Tue, May 08, 2012 at 01:14:26PM -0500, Derek Martin wrote: rssh is a shell for restricting SSH access to a machine to only scp, sftp, or a small set of similar applications. http://www.pizzashack.org/rssh/ Henrik...

CVE-2012-3478

CVE-2012-3478 affects the restricted shell implementation rssh (versions 2.3.3 and earlier). The root cause is that crafted environment variables in the command line allow local users to bypass intended restricted-shell access, enabling privilege escalation to some degree and bypass of restrictio...

Debian Security Advisory DSA 2530-1 (rssh)

The remote host is missing an update to rssh announced via advisory DSA 2530-1. OpenVAS Vulnerability Test $Id: deb25301.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2530-1 rssh Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: rssh

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

[SECURITY] [DSA 2530-1] rssh security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2530-1 [email protected] http://www.debian.org/security/ Florian Weimer August 15, 2012 http://www.debian.org/security/faq -...

Debian DSA-2530-1 : rssh - shell command injection

Henrik Erkkonen discovered that rssh, a restricted shell for SSH, does not properly restrict shell access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2530. The text itself is copyrigh...

[SECURITY] [DSA 2530-1] rssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2530-1 [email protected] http://www.debian.org/security/ Florian Weimer August 15, 2012 http://www.debian.org/security/faq -...