Описание
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| netkit-rsh | removed | package | ||
| netkit-rsh | ignored | bookworm | package | |
| netkit-rsh | no-dsa | bullseye | package | |
| netkit-rsh | no-dsa | buster | package |
EPSS
Процентиль: 76%
0.00951
Низкий
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 2 лет назад
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.
CVSS3: 9.8
nvd
больше 2 лет назад
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.
CVSS3: 9.8
github
больше 2 лет назад
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.
EPSS
Процентиль: 76%
0.00951
Низкий