Описание
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-3463
- https://lists.debian.org/debian-lts-announce/2019/02/msg00007.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO3MDU3AH5SLYBKHH5PJ6PHC63ASIF42
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KR2OHTHMJVV4DO3HDRFQQZ5JENHDJQEN
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T42YYNWJZG422GATWAHAEK4A24OKY557
- https://security.gentoo.org/glsa/202007-29
- https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable
- https://usn.ubuntu.com/3946-1
- https://www.debian.org/security/2019/dsa-4382
- http://seclists.org/fulldisclosure/2021/May/78
- http://www.securityfocus.com/bid/106839
Связанные уязвимости
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Insufficient sanitization of arguments passed to rsync can bypass the ...
Уязвимость реализации команды «rsync» командной оболочки rssh, позволяющая нарушителю выполнять произвольные команды оболочки rssh