Vulnerability CVE-2012-2252: Information
Description
Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option.
Severity: MEDIUM (4.4)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
rssh | sisyphus | 2.3.4-alt2 | 2.3.4-alt2 | ALT-PU-2016-1705-1 | 166554 | Fixed |
rssh | p10 | 2.3.4-alt2 | 2.3.4-alt2 | ALT-PU-2016-1705-1 | 166554 | Fixed |
rssh | p9 | 2.3.4-alt2 | 2.3.4-alt2 | ALT-PU-2016-1705-1 | 166554 | Fixed |
rssh | p8 | 2.3.4-alt2 | 2.3.4-alt2 | ALT-PU-2016-1710-1 | 166654 | Fixed |
rssh | c10f1 | 2.3.4-alt2 | 2.3.4-alt2 | ALT-PU-2016-1705-1 | 166554 | Fixed |
rssh | c9f2 | 2.3.4-alt2 | 2.3.4-alt2 | ALT-PU-2016-1705-1 | 166554 | Fixed |