Home page logo

oss-sec logo oss-sec mailing list archives

Re: rssh: incorrect filtering of command line options
From: Derek Martin <code () pizzashack org>
Date: Tue, 27 Nov 2012 17:40:47 -0600

On Wed, Nov 28, 2012 at 12:21:03AM +0100, Yves-Alexis Perez wrote:
      Incorrect filtering of command line when using rsync protocol. It was
      for example possible to pass dangerous options after a "--" switch. The rsync
      protocol support has been added in a Debian (and Fedora/Red Hat) specific
      patch, so this vulnerability doesn't affect upstream.


I believe this one was meant to be CVE-2012-2252...

      Incorrect filtering of the "--rsh" option: the filter preventing usage of the
      "--rsh=" option would not prevent passing "--rsh". This vulnerability affects
      upstream code.

I've uploaded rssh-2.3.4 to the project's web page, as well as to
sourceforge.  This update includes the fix for CVE-2012-2252, and also
rolls up a fix for CVE-2012-3478, for which I had previously only
posted a patch.  Additionally there are some mostly trivial updates
for code and build clean-up.

Derek D. Martin
GPG Key ID: 0x81CFE75D

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]