exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

RSSH 2.3.4 Released

RSSH 2.3.4 Released
Posted Nov 28, 2012
Authored by Derek Martin | Site pizzashack.org

RSSH version 2.3.4 was released to address an environment variable manipulation vulnerability and an improper filtering of the rsync command line.

tags | advisory
advisories | CVE-2012-3478, CVE-2012-2252
SHA-256 | 3292f4ccb0a7fd1db2d5443d8a6d96f69577b83251c4988b59049dc9a3bd99c8

RSSH 2.3.4 Released

Change Mirror Download
All,

Today I released rssh-2.3.4, which fixes an old issue, and a new
issue:

On Tue, May 08, 2012 at 01:14:26PM -0500, Derek Martin wrote:
> rssh is a shell for restricting SSH access to a machine to only scp,
> sftp, or a small set of similar applications.
>
> http://www.pizzashack.org/rssh/
>
> Henrik Erkkonen has discovered that, through clever manipulation of
> environment variables on the ssh command line, it is possible to
> circumvent rssh. As far as I can tell, there is no way to effect a
> root compromise, except of course if the root account is the one
> you're attempting to protect with rssh...

This was CVE-2012-3478, for which I had originally only posted a patch
to the rssh mailing list. It is now fixed in the new release.

The new issue is CVE-2012-2252, which involves improper filtering of
the rsync command line, when rsync support is configured. This may be
somewhat of a non-issue for recent stock rssh installations, as
stock rssh does not support newer rsync binaries which use -e to
specify the rsync protocol; thus if you're using rssh with a recent
istallation, rsync does not work for you anyway, and you therefore
most likely have it disabled by config. Nevertheless, it is a
legitimate security concern if you have rsync enabled in the
configuration. This also is fixed in 2.3.4.

This release also includes some mostly trivial updates for the build
and a bit of minor code clean-up.

For people using rssh packages from Debian, Red Hat, or one of their
derivatives, a third vulnerability was recently discovered, assigned
CVE-2012-2251. This issue exists only in a third-party patch to make
rssh work with newer rsync binaries. Stock rssh *is not vulnerable*
to this issue. However if you are relying on your vendor to package
rssh, this likely affects you.

Lastly, since the vendors are providing their own packages, and I'm no
longer set up to build RPMs, I am no longer providing rssh in RPM
form. Please be sure to update rssh to v2.3.4, either by downloading
and compiling from the website, or by updating your vendor's packages.

http://www.pizzashack.org/rssh/downloads.shtml

Thank you.

--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close