CVE-2012-3478

rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted environment variables in the command line.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:pizzashack:rssh:*:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:pizzashack:rssh:2.3.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:40

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2012-05/0036.html - () http://archives.neohapsis.com/archives/bugtraq/2012-05/0036.html -
References () http://archives.neohapsis.com/archives/bugtraq/2012-11/0101.html - () http://archives.neohapsis.com/archives/bugtraq/2012-11/0101.html -
References () http://secunia.com/advisories/50272 - Vendor Advisory () http://secunia.com/advisories/50272 - Vendor Advisory
References () http://sourceforge.net/mailarchive/message.php?msg_id=29235647 - () http://sourceforge.net/mailarchive/message.php?msg_id=29235647 -
References () http://www.debian.org/security/2012/dsa-2530 - () http://www.debian.org/security/2012/dsa-2530 -
References () http://www.openwall.com/lists/oss-security/2012/08/10/7 - () http://www.openwall.com/lists/oss-security/2012/08/10/7 -
References () http://www.openwall.com/lists/oss-security/2012/08/11/3 - () http://www.openwall.com/lists/oss-security/2012/08/11/3 -
References () http://www.openwall.com/lists/oss-security/2012/11/28/3 - () http://www.openwall.com/lists/oss-security/2012/11/28/3 -
References () http://www.securityfocus.com/bid/53430 - () http://www.securityfocus.com/bid/53430 -

Information

Published : 2012-08-31 18:55

Updated : 2024-11-21 01:40


NVD link : CVE-2012-3478

Mitre link : CVE-2012-3478

CVE.ORG link : CVE-2012-3478


JSON object : View

Products Affected

pizzashack

  • rssh
CWE
CWE-264

Permissions, Privileges, and Access Controls