CVE-2004-1161

rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=110202047507273&w=2
http://marc.info/?l=bugtraq&m=110581113814623&w=2
http://www.gentoo.org/security/en/glsa/glsa-200412-01.xml	Patch Vendor Advisory
http://www.securityfocus.com/bid/11792	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:rssh:rssh:2.0:::::::*
	cpe:2.3:a:rssh:rssh:2.1:::::::*
	cpe:2.3:a:rssh:rssh:2.2:::::::*
	cpe:2.3:a:rssh:rssh:2.2.1:::::::*
	cpe:2.3:a:rssh:rssh:2.2.2:::::::*

Configuration 2 (hide)

cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2005-01-10 05:00

Updated : 2016-10-18 02:51

NVD link : CVE-2004-1161

Mitre link : CVE-2004-1161

CVE.ORG link : CVE-2004-1161

JSON object : View

Products Affected

gentoo

linux

rssh

rssh

CWE

NVD-CWE-Other

{"id": "CVE-2004-1161", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2005-01-10T05:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=110202047507273&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=110581113814623&w=2", "source": "cve@mitre.org"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-01.xml", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/11792", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S."}], "lastModified": "2016-10-18T02:51:51.027", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rssh:rssh:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3708773-21D3-4A11-A259-B9E8E81F916E"}, {"criteria": "cpe:2.3:a:rssh:rssh:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F835C18-5D15-43FD-B009-E7332E51A8AC"}, {"criteria": "cpe:2.3:a:rssh:rssh:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A58936DD-0289-4B93-B351-CB1A3F4D54E8"}, {"criteria": "cpe:2.3:a:rssh:rssh:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0624666-0D2F-40FB-A9B2-5C868D6F3515"}, {"criteria": "cpe:2.3:a:rssh:rssh:2.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AB6E21A-9555-4655-B23C-998FFCFE83F7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}