Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 699842 (CVE-2019-1000018, CVE-2019-3463, CVE-2019-3464) - app-shells/rssh: multiple vulnerabilities (CVE-2019-{3463,3464,1000018})
Summary: app-shells/rssh: multiple vulnerabilities (CVE-2019-{3463,3464,1000018})
Status: IN_PROGRESS
Alias: CVE-2019-1000018, CVE-2019-3463, CVE-2019-3464
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [ebuild]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-11-11 16:59 UTC by GLSAMaker/CVETool Bot
Modified: 2019-11-11 17:00 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2019-11-11 16:59:48 UTC
CVE-2019-1000018 (https://nvd.nist.gov/vuln/detail/CVE-2019-1000018):
  rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special
  Elements used in a Command ('Command Injection') vulnerability in allowscp
  permission that can result in Local command execution. This attack appear to
  be exploitable via An authorized SSH user with the allowscp permission.

CVE-2019-3464 (https://nvd.nist.gov/vuln/detail/CVE-2019-3464):
  Insufficient sanitization of environment variables passed to rsync can
  bypass the restrictions imposed by rssh, a restricted shell that should
  restrict users to perform only rsync operations, resulting in the execution
  of arbitrary shell commands.

CVE-2019-3463 (https://nvd.nist.gov/vuln/detail/CVE-2019-3463):
  Insufficient sanitization of arguments passed to rsync can bypass the
  restrictions imposed by rssh, a restricted shell that should restrict users
  to perform only rsync operations, resulting in the execution of arbitrary
  shell commands.