Displaying 2 results from an estimated 2 matches for "60id".
Did you mean:
60d
2017 Apr 07
0
[Bug 1762] Improve the documentation w.r.t. "the user's shell"
...CC| |imoverclocked at gmail.com
Component|Documentation |ssh
Version|5.5p1 |7.4p1
--- Comment #2 from imoverclocked at gmail.com ---
Given the URL in a web browser:
"ssh://user at somehost.%60id%3E%2Ftmp%2Fwhoami%60.example.com"
iTerm2 currently launches ssh with a hostname of:
somehost.`id>/tmp/whoami`.example.com
With a vanilla SSH configuration this is ok since SSH errors out with
"host not found." However, with a special SSH configuration, a website
can execute...
2017 Apr 07
2
[Bug 2706] New: remote code execution via ProxyCommand+browser exploit
...: All
OS: Mac OS X
Status: NEW
Severity: security
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: imoverclocked at gmail.com
Given the URL in a web browser:
"ssh://user at somehost.%60id%3E%2Ftmp%2Fwhoami%60.example.com"
iTerm2 currently launches ssh with a hostname of:
somehost.`id>/tmp/whoami`.example.com
With a vanilla SSH configuration this is ok since SSH errors out with
"host not found." However, with a special SSH configuration, a website
can execute...