Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rssh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3345
rssh 2.0.0 up to and including 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rssh_chroot_helper command to chroot to an external directory.
Rssh Rssh 2.2.3
Rssh Rssh 2.1
Rssh Rssh 2.2
Rssh Rssh 2.2.1
Rssh Rssh 2.2.2
Rssh Rssh 2.0
NA
CVE-2004-1161
rssh 2.2.2 and previous versions does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.
Rssh Rssh 2.2.1
Rssh Rssh 2.2.2
Rssh Rssh 2.0
Rssh Rssh 2.1
Rssh Rssh 2.2
Gentoo Linux
1 EDB exploit
NA
CVE-2012-2252
Incomplete blacklist vulnerability in rssh prior to 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option.
Pizzashack Rssh 2.2.2
Pizzashack Rssh 2.2.1
Pizzashack Rssh 2.0.0
Pizzashack Rssh 2.3.1
Pizzashack Rssh 2.3.0
Pizzashack Rssh 2.2.3
Pizzashack Rssh 2.0.2
Pizzashack Rssh 2.0.1
Pizzashack Rssh 2.1.0
Pizzashack Rssh 2.1.1
Pizzashack Rssh
Pizzashack Rssh 2.3.2
Pizzashack Rssh 2.0.4
Pizzashack Rssh 2.0.3
NA
CVE-2012-3478
rssh 2.3.3 and previous versions allows local users to bypass intended restricted shell access via crafted environment variables in the command line.
Pizzashack Rssh 2.0.3
Pizzashack Rssh 2.0.4
Pizzashack Rssh 2.2.3
Pizzashack Rssh 2.0.2
Pizzashack Rssh
Pizzashack Rssh 2.1.0
Pizzashack Rssh 2.1.1
Pizzashack Rssh 2.0.0
Pizzashack Rssh 2.2.1
Pizzashack Rssh 2.2.2
Pizzashack Rssh 2.0.1
Pizzashack Rssh 2.3.1
Pizzashack Rssh 2.3.0
NA
CVE-2004-0609
rssh 2.0 up to and including 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail.
Rssh Rssh 2.0
Rssh Rssh 2.1
NA
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf.
Rssh Rssh 2.3.0
NA
CVE-2004-1628
Format string vulnerability in log.c in rssh prior to 2.2.2 allows remote authenticated users to execute arbitrary code.
Pizzashack Rssh
NA
CVE-2012-2251
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option.
Pizzashack Rssh 2.3.2
9.8
CVSSv3
CVE-2019-3463
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Pizzashack Rssh 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
9.8
CVSSv3
CVE-2019-3464
Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Pizzashack Rssh 2.3.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »