EUVD-2004-1159

Malware in sbrugna...

EUVD-2019-1737

Malware in sbrugna...

EUVD-2004-1622

Malware in sbrugna...

EUVD-2012-2245

Malware in sbrugna...

EUVD-2006-1324

Malware in sbrugna...

EUVD-2004-0608

Malware in sbrugna...

EUVD-2012-3434

Malware in sbrugna...

EUVD-2012-2244

Malware in sbrugna...

EUVD-2005-3344

Malware in sbrugna...

SUSE CVE-2012-2251

rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a 1 "-e" or 2 "--" command line option...

OS Command Injection

rssh is vulnerable to OS command injection. Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

Arbitrary Command Execution

rssh is vulnerable to arbitrary command execution. An attacker is able to bypass restrictions imposed by rssh due to insufficient sanitization of environment variables that are passed to rsync, resulting in the execution of arbitrary shell commands...

Command Injection

rssh is vulnerable to Command Injection. The vulnerability exists due an insecure permission in allowscp...

CommScope Ruckus IoT Controller 1.7.1.0 Undocumented Account Vulnerability

An upgrade account is included in the IoT Controller OVA that provides the vendor undocumented access via Secure Copy SCP. 1. Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-798:...

GLSA-202007-29 : rssh: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202007-29 rssh: Multiple vulnerabilities Multiple vulnerabilities have been discovered in rssh. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

rssh: Multiple vulnerabilities

Background rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users. Description Multiple vulnerabilities have been discovered in rssh. Please review the CVE identifiers referenced below for details...

Fedora Update for rssh FEDORA-2019-e47add6b2b

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Amazon Linux AMI : rssh (ALAS-2019-1328)

Insufficient sanitation of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. CVE-2019-3464 Insufficient sanitation of arguments...

Important: rssh

Issue Overview: Insufficient sanitation of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. CVE-2019-3464 Insufficient sanitati...

Fedora 30 : rssh (2019-d1487c13ac)

Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...