Back to search
CVE-2012-2251
Published: Jan 11, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
51307
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20121128 rssh: incorrect filtering of command line options
mailing-list
x_refsource_MLIST
DSA-2578
vendor-advisory
x_refsource_DEBIAN
56708
vdb-entry
x_refsource_BID
rssh-eoption-command-execution(80334)
vdb-entry
x_refsource_XF
https://bugzilla.redhat.com/show_bug.cgi?id=877279
x_refsource_CONFIRM
20121127 Re: rssh security announcement
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now