exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 2578-1

Debian Security Advisory 2578-1
Posted Nov 28, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2578-1 - James Clawson discovered that rssh, a restricted shell for OpenSSH to be used with scp/sftp, rdist and cvs, was not correctly filtering command line options. This could be used to force the execution of a remote script and thus allow arbitrary command execution.

tags | advisory, remote, arbitrary, shell
systems | linux, debian
advisories | CVE-2012-2251, CVE-2012-2252
SHA-256 | d9979ff7d19f7c9e9521796945b7c49ed74862a888a3527cd1b55022041c8c36

Debian Security Advisory 2578-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2578-1 security@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
November 28, 2012 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : rssh
Vulnerability : insufficient filtering of rsync command line
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-2251 CVE-2012-2252
Debian Bug :

James Clawson discovered that rssh, a restricted shell for OpenSSH to be used
with scp/sftp, rdist and cvs, was not correctly filtering command line options.
This could be used to force the execution of a remote script and thus allow
arbitrary command execution. Two CVE were assigned:

CVE-2012-2251
Incorrect filtering of command line when using rsync protocol. It was
for example possible to pass dangerous options after a "--" switch. The rsync
protocol support has been added in a Debian (and Fedora/Red Hat) specific
patch, so this vulnerability doesn't affect upstream.

CVE-2012-2251
Incorrect filtering of the "--rsh" option: the filter preventing usage of the
"--rsh=" option would not prevent passing "--rsh". This vulnerability affects
upstream code.

For the stable distribution (squeeze), this problem has been fixed in
version 2.3.2-13squeeze2.

For the testing distribution (wheezy), this problem has been fixed in
version 2.3.3-6.

For the unstable distribution (sid), this problem has been fixed in
version 2.3.3-6.

We recommend that you upgrade your rssh packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)

iQEcBAEBCgAGBQJQtUm5AAoJEG3bU/KmdcCl+mYH/i+Qu3RJaGkNZhz0JphBAMvT
L2g1dbzNQOAePwvo69XIhNuAVAAqltV2N/GRvdlBORR7/W1NO9QOBodPwTkf4N9e
enl9z9+Wxb9Z1NgRCkAjTd6rkdzxFPpAzTe4uF4WfUH306lbTDHZyR3KZgEFqOdS
/16vbWoQ2QYz/hjIdlQI4GArBL+AZ5Fucq5oFqb5VcXv63Yi0U9qTliYH4iO/rzf
CkDbm7cdD7bO7LbshEqC+Cz1khVDfIG/KakzByxoNgcvMCoyhE5v8QNp6qnCPf3U
2yZ+8X5rm3on0j6YUF7+qeBTcLSAinHY+6Qzq9r+T7/xa77N+NGWUmW18EkYup8=
=Rfew
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close