[scponly] [CVE-2007-6350] [CVE-2007-6415] design flaw may lead to execution of arbitrary commands
Bug #185035 reported by disabled.user
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
scponly (Debian) | Fix Released | Unknown | |
scponly (Ubuntu) | Fix Released | Undecided | Unassigned |
Dapper | Fix Released | High | Unassigned |
Edgy | Won't Fix | High | Unassigned |
Feisty | Won't Fix | High | Unassigned |
Gutsy | Won't Fix | Undecided | Unassigned |
Hardy | Fix Released | Undecided | Unassigned |
Bug Description
Binary package hint: scponly
References:
DSA-1473-1 (http://
Quoting:
"Joachim Breitner discovered that Subversion support in scponly is
inherently insecure, allowing execution of arbitrary commands. Further
investigation showed that rsync and Unison support suffer from similar
issues. This set of issues has been assigned CVE-2007-6350.
In addition, it was discovered that it was possible to invoke with scp
with certain options that may lead to execution of arbitrary commands
(CVE-2007-6415).
This update removes Subversion, rsync and Unison support from the
scponly package, and prevents scp from being invoked with the dangerous
options."
Changed in scponly:
status: Unknown → Fix Released
Changed in scponly:
status: New → Fix Released
importance: Undecided → High
status: New → Triaged
importance: Undecided → High
status: New → Triaged
importance: Undecided → High
status: New → Triaged
Changed in scponly:
status: Triaged → Won't Fix
Changed in scponly (Ubuntu Dapper):
status: Triaged → Fix Committed
For Hardy, CVE-2007-6415 will get fixed once scponly 4.6-1.2 has been synced from Debian unstable (see bug 185383).