oss-sec mailing list archives
CVE request: openssh "ForceCommand" improperly implemented
From: Jonathan Smith <smithj () freethemallocs com>
Date: Wed, 02 Apr 2008 08:49:53 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://secunia.com/advisories/29602/ https://bugs.gentoo.org/show_bug.cgi?id=215702 https://issues.rpath.com/browse/RPL-2419 It looks to be a rather minor issue since ~/.ssh/rc is usually 0600 and ~/.ssh is usually 0700. smithj -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.8 (GNU/Linux) iEYEARECAAYFAkfzuTEACgkQCG91qXPaRekKzwCdEnSwrkEVCXR8NzZEXCBkpXe/ 2O4Ani9EzXE2CUGpYEJj8+P8O06UarYO =wKkZ -----END PGP SIGNATURE-----
Current thread:
- CVE request: openssh "ForceCommand" improperly implemented Jonathan Smith (Apr 02)
- Re: CVE request: openssh "ForceCommand" improperly implemented Steven M. Christey (Apr 02)
- Re: CVE request: openssh "ForceCommand" improperly implemented Florian Weimer (Apr 02)