Описание
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.3.4-7ubuntu0.1 |
| cosmic | released | 2.3.4-8ubuntu0.2 |
| devel | DNE | |
| esm-apps/bionic | released | 2.3.4-7ubuntu0.1 |
| esm-apps/xenial | released | 2.3.4-4+deb8u2ubuntu0.16.04.2 |
| esm-infra-legacy/trusty | released | 2.3.4-4+deb8u2ubuntu0.14.04.2 |
| precise/esm | DNE | |
| trusty | released | 2.3.4-4+deb8u2ubuntu0.14.04.2 |
| trusty/esm | released | 2.3.4-4+deb8u2ubuntu0.14.04.2 |
| upstream | released | 2.3.4-10 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Insufficient sanitization of arguments passed to rsync can bypass the ...
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Уязвимость реализации команды «rsync» командной оболочки rssh, позволяющая нарушителю выполнять произвольные команды оболочки rssh
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3