Executive Summary
Summary | |
---|---|
Title | New scponly packages fix arbitrary code execution |
Informations | |||
---|---|---|---|
Name | DSA-1473 | First vendor Publication | 2008-01-21 |
Vendor | Debian | Last vendor Modification | 2008-01-21 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 8.5 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Joachim Breitner discovered that Subversion support in scponly is inherently insecure, allowing execution of arbitrary commands. Further investigation showed that rsync and Unison support suffer from similar issues. This set of issues has been assigned CVE-2007-6350. In addition, it was discovered that it was possible to invoke with scp with certain options that may lead to execution of arbitrary commands (CVE-2007-6415). This update removes Subversion, rsync and Unison support from the scponly package, and prevents scp from being invoked with the dangerous options. For the stable distribution (etch), these problems have been fixed in version 4.6-1etch1. For the old stable distribution (sarge), these problems have been fixed in version 4.0-1sarge2. The unstable distribution (sid) will be fixed soon. We recommend that you upgrade your scponly package. |
Original Source
Url : http://www.debian.org/security/2008/dsa-1473 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
50 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18701 | |||
Oval ID: | oval:org.mitre.oval:def:18701 | ||
Title: | DSA-1473-1 scponly - arbitrary code execution | ||
Description: | Joachim Breitner discovered that Subversion support in scponly is inherently insecure, allowing execution of arbitrary commands. Further investigation showed that rsync and Unison support suffer from similar issues. This set of issues has been assigned <a href="http://security-tracker.debian.org/tracker/CVE-2007-6350">CVE-2007-6350</a>. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1473-1 CVE-2007-6350 CVE-2007-6415 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | scponly |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7732 | |||
Oval ID: | oval:org.mitre.oval:def:7732 | ||
Title: | DSA-1473 scponly -- design flaw | ||
Description: | Joachim Breitner discovered that Subversion support in scponly is inherently insecure, allowing execution of arbitrary commands. Further investigation showed that rsync and Unison support suffer from similar issues. This set of issues has been assigned CVE-2007-6350. In addition, it was discovered that it was possible to invoke scp with certain options that may lead to the execution of arbitrary commands (CVE-2007-6415). This update removes Subversion, rsync and Unison support from the scponly package, and prevents scp from being invoked with the dangerous options. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1473 CVE-2007-6350 CVE-2007-6415 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 Debian GNU/Linux 3.1 | Product(s): | scponly |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-02-16 | Name : Fedora Update for scponly FEDORA-2008-1728 File : nvt/gb_fedora_2008_1728_scponly_fc7.nasl |
2009-02-16 | Name : Fedora Update for scponly FEDORA-2008-1743 File : nvt/gb_fedora_2008_1743_scponly_fc8.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200802-06 (scponly) File : nvt/glsa_200802_06.nasl |
2008-01-31 | Name : Debian Security Advisory DSA 1473-1 (scponly) File : nvt/deb_1473_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44137 | scponly Multiple Subcommands Crafted Subversion (SVN) Repository Restriction ... |
42843 | scponly -Fo Restricted Shell Bypass Arbitrary Code Execution |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1728.nasl - Type : ACT_GATHER_INFO |
2008-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1743.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200802-06.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1473.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:15 |
|
2013-05-11 12:17:42 |
|