CVE-2006-0225

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026", "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/16369", "name": "16369", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/18579", "name": "18579", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/18595", "name": "18595", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.trustix.org/errata/2006/0004", "name": "2006-0004", "tags": [], "refsource": "TRUSTIX"}, {"url": "http://securitytracker.com/id?1015540", "name": "1015540", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/18650", "name": "18650", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/18736", "name": "18736", "tags": [], "refsource": "SECUNIA"}, {"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch", "name": "20060212 [3.8] 005: SECURITY FIX: February 12, 2006", "tags": [], "refsource": "OPENBSD"}, {"url": "http://www.novell.com/linux/security/advisories/2006_08_openssh.html", "name": "SUSE-SA:2006:008", "tags": [], "refsource": "SUSE"}, {"url": "http://secunia.com/advisories/18798", "name": "18798", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/18850", "name": "18850", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html", "name": "OpenPKG-SA-2006.003", "tags": [], "refsource": "OPENPKG"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.425802", "name": "SSA:2006-045-06", "tags": [], "refsource": "SLACKWARE"}, {"url": "http://secunia.com/advisories/18910", "name": "18910", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml", "name": "GLSA-200602-11", "tags": [], "refsource": "GENTOO"}, {"url": "http://www.ubuntu.com/usn/usn-255-1", "name": "USN-255-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://www.osvdb.org/22692", "name": "22692", "tags": [], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/18964", "name": "18964", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/18969", "name": "18969", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/18970", "name": "18970", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0044.html", "name": "RHSA-2006:0044", "tags": [], "refsource": "REDHAT"}, {"url": "http://secunia.com/advisories/19159", "name": "19159", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688", "name": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751", "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/20723", "name": "20723", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0298.html", "name": "RHSA-2006:0298", "tags": [], "refsource": "REDHAT"}, {"url": "http://secunia.com/advisories/21129", "name": "21129", "tags": [], "refsource": "SECUNIA"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc", "name": "20060703-01-P", "tags": [], "refsource": "SGI"}, {"url": "http://secunia.com/advisories/21262", "name": "21262", "tags": [], "refsource": "SECUNIA"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/21492", "name": "21492", "tags": [], "refsource": "SECUNIA"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/21724", "name": "21724", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0698.html", "name": "RHSA-2006:0698", "tags": [], "refsource": "REDHAT"}, {"url": "http://secunia.com/advisories/22196", "name": "22196", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/23241", "name": "23241", "tags": [], "refsource": "SECUNIA"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/23340", "name": "23340", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", "name": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", "name": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/23680", "name": "23680", "tags": [], "refsource": "SECUNIA"}, {"url": "http://docs.info.apple.com/article.html?artnum=305214", "name": "http://docs.info.apple.com/article.html?artnum=305214", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/24479", "name": "24479", "tags": [], "refsource": "SECUNIA"}, {"url": "http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability", "name": "http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability", "tags": [], "refsource": "CONFIRM"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm", "tags": [], "refsource": "CONFIRM"}, {"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html", "name": "APPLE-SA-2007-03-13", "tags": [], "refsource": "APPLE"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:034", "name": "MDKSA-2006:034", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1", "name": "102961", "tags": [], "refsource": "SUNALERT"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html", "name": "TA07-072A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://secunia.com/advisories/25607", "name": "25607", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/25936", "name": "25936", "tags": [], "refsource": "SECUNIA"}, {"url": "http://securityreason.com/securityalert/462", "name": "462", "tags": [], "refsource": "SREASON"}, {"url": "http://www.vupen.com/english/advisories/2007/0930", "name": "ADV-2007-0930", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2006/0306", "name": "ADV-2006-0306", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2007/2120", "name": "ADV-2007-2120", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2006/4869", "name": "ADV-2006-4869", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2006/2490", "name": "ADV-2006-2490", "tags": [], "refsource": "VUPEN"}, {"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112", "name": "HPSBUX02178", "tags": [], "refsource": "HP"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00062.html", "name": "FEDORA-2006-056", "tags": [], "refsource": "FEDORA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24305", "name": "openssh-scp-command-execution(24305)", "tags": [], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9962", "name": "oval:org.mitre.oval:def:9962", "tags": [], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1138", "name": "oval:org.mitre.oval:def:1138", "tags": [], "refsource": "OVAL"}, {"url": "http://www.securityfocus.com/archive/1/425397/100/0/threaded", "name": "FLSA-2006:168935", "tags": [], "refsource": "FEDORA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-0225", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-01-25T11:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-19T15:43Z"}