similar to: security flaw in rssh

Displaying 20 results from an estimated 2000 matches similar to: "security flaw in rssh"

2004 Oct 23
1
rssh: pizzacode security alert
PIZZACODE SECURITY ALERT program: rssh risk: low[*] problem: string format vulnerability in log.c details: rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that. Additioanlly, running rsync, rdist, and cvs are
2005 Jan 15
0
rssh and scponly arbitrary command execution
I just released rssh version 2.2.3 to fix the problem detailed below. I haven't had time to update my website yet, and my Internet acess is quite limited these days (hence the terse announcement), so I probably won't get to that for a while. However, rssh 2.2.3 is available from the sourceforge.net site: http://sourceforge.net/projects/rssh All users of rssh should update to the
2003 Jul 07
0
[semi-OT] rssh FINAL RELEASE! Well, hopefully.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm pleased to announce that rssh now has per-user configurations! Today I released rssh v2.1.0 with that last peice of functionality to be added, bringing active development of rssh to a close. Additionally, I spent several hours testing and debugging this release as thoroughly as I could think to, and I'm pleased to report (tongue in cheek)
2003 Jul 02
0
[semi-OT] rssh
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I released rssh v2.0.4 today. It fixes bugs in the parser which affect quoted arguments in the config file, as well as the code which builds the vector for the arguments to the exec call. In the latter case, arguments which contain a space were treated as two sepearate args. The man page was also updated to include information about quoting values
2005 Dec 30
5
rssh: root privilege escalation flaw
Affected Software: rssh - all versions prior to 2.3.0 Vulnerability: local user privilege escalation Severity: *CRITICAL* Impact: local users can gain root access Solution: Please upgrade to v2.3.1 Summary ------- rssh is a restricted shell which allows a system administrator to limit users' access to a system via SSH to scp, sftp, rsync, rdist, and cvs. It also allows the system
2003 Jan 02
0
rssh 1.0.4 released
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi folks, Today I released rssh 1.0.4. rssh is a small replacement shell that provides the ability for system administrators to give specific users access to a given system via scp or sftp only. For downloads or more information, visit the rssh homepage: http://www.pizzashack.org/rssh This release fixes a stupid bug caused by a failure to
2004 Dec 03
1
[BUGTRAQ] rssh and scponly arbitrary command execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [This came over BUGTRAQ this morning. Note the call for volunteers vis-a-vis rssh.] - ----- Forwarded message from Jason Wies <jason at xc.net> ----- List-Id: <bugtraq.list-id.securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe at securityfocus.com> To: bugtraq at securityfocus.com Cc: rssh-discuss at
2003 Jan 03
0
[patch] chroot support for openssh-3.5p1
Good Morning All, Attached is a full patch [or so I hope] enabling chroot support for sshd. I know varied opinions about chroot exist among the masses; however, I continue to believe that until something far outside the scope of openssh tackles the sandbox issue, the role of enforcer will continue to be with the daemon. This patch is based on a previous work by John Furman as well as Eric
2011 Mar 27
1
rssh / scponly
List, I am putting together a sftp server and would like to use a restrictive shell with a chroot jail. I was wondering what members of the list thought about rssh as opposed to scponly. Greg Ennis
2008 Oct 05
4
Why is -e sent to the remote rsync side?
> $ rsync -e 'ssh -v' lingnu.com: > OpenSSH_5.1p1 Debian-2, OpenSSL 0.9.8g 19 Oct 2007 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * > debug1: Connecting to lingnu.com [199.203.56.105] port 22. > debug1: Connection established. ... > debug1: Sending command: rsync --server --sender -de.L . As we can see, rsync runs ssh, and
2008 Mar 08
1
rsync 3.0 and rssh
Since rsync 3.0 i've detected a problem with rssh and -e option....rssh doesn't allow this option...but is essential to me (cyphered transmission with ssh). Surfing the net i've seen a guy that made a patch but I don't know how reliable is...and rssh former programer says he just left the project so it's no longer his problem. Is this stuff going to be updated in rsync or is
2005 Mar 24
1
"ssh user@server /bin/sh" vs "no-pty" option.
Hello List, Do I get it right that I *MUST* chroot a user first and make /bin/rssh his shell in the /etc/passwd to effectively restrict him? There should be no /bin/ksh (or bash) in his jail? If I do not jail him - no matter what is his passwd shell - he will be able to issue "ssh user at server /bin/sh" still, right? -- Best regards, Anthony mailto:rz1a at
2006 Jun 24
1
[PATCH] sftp-server Restricted Access
Hello, This patch makes it possible to restrict sftp sessions to a certain subtree of the file system on a per-Unix account basis. It requires a program such as rssh or scponly to function. A patch for rssh is also attached to this email. The method employed uses realpath() and a string comparison to check that each file or directory access is allowed. With this patch, sftp-server takes a
2005 Aug 04
0
Patch to selectively override a user's shell
Hello, I don't know if this is of anybody's interest here, but I have written a patch to selectively override a user's shell dependent of the username. The reason behind this is, that at the high performance cluster I work at, we would like that normal users are only permitted to use scp and sftp (and thus a shell like rssh) on our master nodes, but should retain their
2003 Aug 16
0
sftp-server (secure) chroot patch?
Hello, I know this chroot issue has been brought up many times before on this list. I saw that the contribibuted chroot-patch was removed from the contrib directory because it always was out of date. The main reason was of course was that sftp-server has to be run as root to be able to do the chroot() call? Most of you are against chroot (since it isnt in the src) but I believe a lot of users
2007 Sep 05
3
Chrooting SFTP over SSH2
Hi, As per the subject line - if I look up setting up chroot jails for SFTP over SSH2 I'm led to various Web sites and patches and also to a CentOS wiki page dated 2005, but what's the 'best' or 'correct' way to set this up for Centos 4.5 and 5? Thanks
2003 May 06
4
AVM C4
Hi, Has anybody used AVM C1/C4s on Asterisk? What's the result? I know there may be better cards, but I have 2 C4s which I want to put to good use. Andrea Coppini +356 79 ANDREA (263732) andreacoppini@iwg.info EMPOWER PEOPLE - THE WORLD IN YOUR HAND iWG (iWORLD GROUP) is a global e-mobile company creating, building and growing new businesses. iWG founders are pioneers in creating
2012 Feb 07
3
Suggestion for openssh
Hi! I do not know if it's the ideal place, but I'm sending some suggestion. Always use openssh and its enormous features. - I needed to create an environment with only sftp access and thus used: - Match User suporte ForceCommand / usr / lib / openssh / sftp-server OK! It worked perfectly! But only sftp. - Create an environment with only blocking the ssh, but scp and
2023 Dec 08
2
Non-shell accounts and scp/sftp
On Fri, 8 Dec 2023 at 07:39, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote: [...] > Problem is that if their default shell isn't sh, ash, dash, bash, zsh, etc. then things break. > Is there a workaround to allow scp/sftp to continue to work even for non-shell accounts? sftp should work regardless of the user's shell since it is invoked as a ssh subsystem
2015 Jul 03
1
Re: libguestfs error: need help troubleshooting
Hi Rich, I'm not sure how far this helps as it mostly says 'No space left on device', but here's the output of the command you asked me to run: ➜ tmp /usr/bin/supermin --build -v -v -v --copy-kernel -f ext2 --host-cpu x86_64 /usr/lib64/guestfs/supermin.d -o /tmp/appliance.d supermin: version: 5.1.9 supermin: rpm: detected RPM version 4.11 supermin: package handler: fedora/rpm