Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.33 views

GLSA-202007-29 : rssh: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202007-29 rssh: Multiple vulnerabilities Multiple vulnerabilities have been discovered in rssh. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

9.8CVSS8.1AI score0.04869EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2019/12/20 12:0 a.m.48 views

Amazon Linux AMI : rssh (ALAS-2019-1328)

Insufficient sanitation of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. CVE-2019-3464 Insufficient sanitation of arguments...

9.8CVSS8.4AI score0.04869EPSS
Exploits5References4
Amazon
Amazon
added 2019/12/13 12:0 a.m.99 views

Important: rssh

Issue Overview: Insufficient sanitation of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. CVE-2019-3464 Insufficient sanitati...

9.8CVSS9.3AI score0.04869EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.28 views

Fedora 29 : rssh (2019-bfb407659e)

Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

9.8CVSS8AI score0.04869EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.27 views

Fedora 30 : rssh (2019-d1487c13ac)

Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

9.8CVSS8AI score0.04869EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.30 views

Fedora 31 : rssh (2019-e47add6b2b)

Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

9.8CVSS8AI score0.04869EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2019/04/12 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-3946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.04869EPSS
Exploits5References2
CVE
CVE
added 2019/02/06 7:0 p.m.139 views

CVE-2019-3464

CVE-2019-3464 involves insufficient sanitization of environment variables passed to rsync, enabling bypass of rssh restrictions and potential execution of arbitrary shell commands. The vulnerability affects setups using rssh as a restricted shell paired with rsync; attackers could exploit environ...

9.8CVSS9.3AI score0.04699EPSS
Exploits3References10Affected Software1
OpenVAS
OpenVAS
added 2019/02/06 12:0 a.m.72 views

Debian: Security Advisory (DLA-1660-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.04869EPSS
Exploits3References3
Debian
Debian
added 2019/02/05 9:28 p.m.123 views

[SECURITY] [DLA 1660-1] rssh security update

Package : rssh Version : 2.3.4-4+deb8u2 CVE ID : CVE-2019-3463 CVE-2019-3464 More vulnerabilities were found by Nick Cleaton in the rssh code that could lead to arbitrary code execution under certain circumstances. CVE-2019-3463 reject rsync --daemon and --config command-line options; arbitrary...

9.8CVSS7.8AI score0.04869EPSS
Exploits3
Rows per page
Query Builder