Описание
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-38173
- https://github.com/digint/btrbk/commit/58212de771c381cd4fa05625927080bf264e9584
- https://github.com/digint/btrbk/blob/master/ChangeLog
- https://lists.debian.org/debian-lts-announce/2021/09/msg00002.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BP2T32JMENJFRP2HWXR7FTTZVRTTPECL
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM7GLTUN5YS4KE2RNBX732EAMVVGNEX3
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 4 лет назад
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
CVSS3: 9.8
nvd
больше 4 лет назад
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
CVSS3: 9.8
debian
больше 4 лет назад
Btrbk before 0.31.2 allows command execution because of the mishandlin ...