3 matches found
Fedora 7 : scponly-4.6-10.fc7 (2008-1728)
Wed Feb 13 2008 Tomas Hoger - 4.6-10 - Add patch to prevent restriction bypass using OpenSSH's scp options -F and -o CVE-2007-6415, 426072 - Mon Feb 11 2008 Warren Togami - 4.6-9 - rebuild with gcc-4.3 - Tue Dec 11 2007 Toshio Kuratomi - 4.6-8 - Disable rsync support due to security concerns: RH...
CVE-2007-6415
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options...
CVE-2007-6350
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including 1 unison, 2 rsync, 3 svn, and 4 svnserve, as originally demonstrated by creating a Subversion SVN repository with malicious hooks, then using svn ...