Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rssh vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2005-3345
rssh 2.0.0 up to and including 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rssh_chroot_helper command to chroot to an external directory.
Rssh Rssh 2.2.3
Rssh Rssh 2.1
Rssh Rssh 2.2
Rssh Rssh 2.2.1
Rssh Rssh 2.2.2
Rssh Rssh 2.0
7.5
CVSSv2
CVE-2004-1161
rssh 2.2.2 and previous versions does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.
Rssh Rssh 2.2.1
Rssh Rssh 2.2.2
Rssh Rssh 2.0
Rssh Rssh 2.1
Rssh Rssh 2.2
Gentoo Linux
1 EDB exploit
4.4
CVSSv2
CVE-2012-2252
Incomplete blacklist vulnerability in rssh prior to 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option.
Pizzashack Rssh 2.2.2
Pizzashack Rssh 2.2.1
Pizzashack Rssh 2.0.0
Pizzashack Rssh 2.3.1
Pizzashack Rssh 2.3.0
Pizzashack Rssh 2.2.3
Pizzashack Rssh 2.0.2
Pizzashack Rssh 2.0.1
Pizzashack Rssh 2.1.0
Pizzashack Rssh 2.1.1
Pizzashack Rssh
Pizzashack Rssh 2.3.2
Pizzashack Rssh 2.0.4
Pizzashack Rssh 2.0.3
2.1
CVSSv2
CVE-2012-3478
rssh 2.3.3 and previous versions allows local users to bypass intended restricted shell access via crafted environment variables in the command line.
Pizzashack Rssh 2.0.3
Pizzashack Rssh 2.0.4
Pizzashack Rssh 2.2.3
Pizzashack Rssh 2.0.2
Pizzashack Rssh
Pizzashack Rssh 2.1.0
Pizzashack Rssh 2.1.1
Pizzashack Rssh 2.0.0
Pizzashack Rssh 2.2.1
Pizzashack Rssh 2.2.2
Pizzashack Rssh 2.0.1
Pizzashack Rssh 2.3.1
Pizzashack Rssh 2.3.0
5
CVSSv2
CVE-2004-0609
rssh 2.0 up to and including 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail.
Rssh Rssh 2.0
Rssh Rssh 2.1
7.5
CVSSv2
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf.
Rssh Rssh 2.3.0
9
CVSSv2
CVE-2004-1628
Format string vulnerability in log.c in rssh prior to 2.2.2 allows remote authenticated users to execute arbitrary code.
Pizzashack Rssh
4.4
CVSSv2
CVE-2012-2251
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option.
Pizzashack Rssh 2.3.2
4.6
CVSSv2
CVE-2019-1000018
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user wit...
Pizzashack Rssh 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
1 Github repository
7.5
CVSSv2
CVE-2019-3463
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Pizzashack Rssh 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »