EUVD-2002-1452

Malware in sbrugna...

EUVD-2004-1160

Malware in sbrugna...

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the scponly package up to version 4.0 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

[SECURITY] [DSA 1473-1] New scponly packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1473 [email protected] http://www.debian.org/security/ Florian Weimer January 21, 2008 http://www.debian.org/security/faq -...

CVE-2004-1162

The unison command in scponly before 4.0 does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via the 1 -rshcmd or 2 -sshcmd flags...

CVE-2004-1162

The unison command in scponly before 4.0 does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via the 1 -rshcmd or 2 -sshcmd flags...

rssh, scponly: Unrestricted command execution

Background rssh and scponly are two restricted shells, allowing only a few predefined commands. They are often used as a complement to OpenSSH to provide access to remote users without providing any remote execution privileges. Description Jason Wies discovered that when receiving an authorized...

SCPOnly 2.x/3.x - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/11791/info scponly is reported prone to a remote arbitrary command execution vulnerability. This issue may allow a remote attacker to execute commands and scripts on a vulnerable computer and eventually allow an attacker to gain elevated privileges on a...

SCPOnly 2.x3.x - Arbitrary Command Execution

SCPOnly 2.x3.x - Arbitrary Command Execution source: https://www.securityfocus.com/bid/11791/info scponly is reported prone to a remote arbitrary command execution vulnerability. This issue may allow a remote attacker to execute commands and scripts on a vulnerable computer and eventually allow a...

rssh & scponly -- arbitrary command execution

Jason Wies identified both rssh & scponly have a vulnerability that allows arbitrary command execution. He reports: The problem is compounded when you recognize that the main use of rssh and scponly is to allow file transfers, which in turn allows a malicious user to transfer and execute entire...

CVE-2002-1469

scponly does not properly verify the path when finding the 1 scp or 2 sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs...

CVE-2002-1469

scponly does not properly verify the path when finding the 1 scp or 2 sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs...