CVE-2004-1161

rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/11792	Exploit Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200412-01.xml	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=110202047507273&w=2
http://marc.info/?l=bugtraq&m=110581113814623&w=2

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:rssh:rssh:2.2.1:::::::*
	cpe:2.3:a:rssh:rssh:2.2.2:::::::*
	cpe:2.3:a:rssh:rssh:2.0:::::::*
	cpe:2.3:a:rssh:rssh:2.1:::::::*
	cpe:2.3:a:rssh:rssh:2.2:::::::*

Configuration 2 (hide)

cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

Information

Published : 2005-01-09 21:00

Updated : 2016-10-17 19:51

NVD link : CVE-2004-1161

Mitre link : CVE-2004-1161

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

rssh

rssh

gentoo

linux

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/11792", "name": "11792", "tags": ["Exploit", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-01.xml", "name": "GLSA-200412-01", "tags": ["Patch", "Vendor Advisory"], "refsource": "GENTOO"}, {"url": "http://marc.info/?l=bugtraq&m=110202047507273&w=2", "name": "20041202 rssh and scponly arbitrary command execution", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=bugtraq&m=110581113814623&w=2", "name": "20050115 Re: rssh and scponly arbitrary command execution", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-1161", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2005-01-10T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:rssh:rssh:2.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rssh:rssh:2.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rssh:rssh:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rssh:rssh:2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:rssh:rssh:2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-10-18T02:51Z"}