[3.10] rssh: Possible allowscp bypass resulting in arbitrary code execution (CVE-2019-1000018)
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special
Elements used in a Command (‘Command Injection’) vulnerability in the
allowscp permission that can result in local command execution. This
attack appears to be exploitable via an authorized SSH user with the
allowscp permission.
References:
https://esnet-security.github.io/vulnerabilities/20190115_rssh
https://nvd.nist.gov/vuln/detail/CVE-2019-1000018
https://sourceforge.net/p/rssh/mailman/message/36519118/
(from redmine: issue id 10061, created on 2019-03-05)
- Relations:
- parent #10060