OpenSSH 4.4 up to versions prior to 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openssh 4.4 |
||
openbsd openssh 4.4p1 |
||
openbsd openssh 4.5 |
||
openbsd openssh 4.6 |
||
openbsd openssh 4.7 |
||
openbsd openssh 4.8 |