oss-sec mailing list archives
Re: rssh: incorrect filtering of command line options
From: Yves-Alexis Perez <corsac () debian org>
Date: Wed, 28 Nov 2012 00:42:45 +0100
On mer., 2012-11-28 at 00:21 +0100, Yves-Alexis Perez wrote:
CVE-2012-2251 Incorrect filtering of the "--rsh" option: the filter preventing usage of the "--rsh=" option would not prevent passing "--rsh". This vulnerability affects upstream code.
This is indeed CVE-2012-2252, sorry for that. Regards, -- Yves-Alexis Perez Debian Security
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- rssh: incorrect filtering of command line options Yves-Alexis Perez (Nov 27)
- Re: rssh: incorrect filtering of command line options Yves-Alexis Perez (Nov 27)
- Re: rssh: incorrect filtering of command line options Derek Martin (Nov 27)
- Re: rssh: incorrect filtering of command line options Yves-Alexis Perez (Nov 27)