oss-sec mailing list archives
Re: rssh: incorrect filtering of command line options
From: Derek Martin <code () pizzashack org>
Date: Tue, 27 Nov 2012 17:40:47 -0600
On Wed, Nov 28, 2012 at 12:21:03AM +0100, Yves-Alexis Perez wrote:
CVE-2012-2251 Incorrect filtering of command line when using rsync protocol. It was for example possible to pass dangerous options after a "--" switch. The rsync protocol support has been added in a Debian (and Fedora/Red Hat) specific patch, so this vulnerability doesn't affect upstream. CVE-2012-2251
I believe this one was meant to be CVE-2012-2252...
Incorrect filtering of the "--rsh" option: the filter preventing usage of the "--rsh=" option would not prevent passing "--rsh". This vulnerability affects upstream code.
I've uploaded rssh-2.3.4 to the project's web page, as well as to sourceforge. This update includes the fix for CVE-2012-2252, and also rolls up a fix for CVE-2012-3478, for which I had previously only posted a patch. Additionally there are some mostly trivial updates for code and build clean-up. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D
Attachment:
_bin
Description:
Current thread:
- rssh: incorrect filtering of command line options Yves-Alexis Perez (Nov 27)
- Re: rssh: incorrect filtering of command line options Yves-Alexis Perez (Nov 27)
- Re: rssh: incorrect filtering of command line options Derek Martin (Nov 27)
- Re: rssh: incorrect filtering of command line options Yves-Alexis Perez (Nov 27)