FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-24 11:27:39 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID | Description
b5a49db7-72fc-11da-9827-021106004fd6 | scponly -- local privilege escalation exploits

Max Vozeler reports:

If ALL the following conditions are true, administrators using scponly-4.1 or older may be at risk of a local privilege escalation exploit:

  • the chrooted setuid scponlyc binary is installed
  • regular non-scponly users have interactive shell access to the box
  • a user executable dynamically linked setuid binary (such as ping) exists on the same file system mount as the user's home directory
  • the operating system supports an LD_PRELOAD style mechanism to overload dynamic library loading

Pekka Pessi also reports:

If ANY of the following conditions are true, administrators using scponly-4.1 or older may be at risk of a local privilege escalation exploit:

  • scp compatibility is enabled
  • rsync compatibility is enabled

Discovery: 2005-12-21
Entry: 2005-12-22
scponly < 4.2

https://lists.ccs.neu.edu/pipermail/scponly/2005-December/001027.html
http://sublimation.org/scponly/#relnotes
f11b219a-44b6-11d9-ae2f-021106004fd6 | rssh & scponly -- arbitrary command execution

Jason Wies identified that both rssh and scponly have a vulnerability that allows arbitrary command execution. He reports:

The problem is compounded when you recognize that the main use of rssh and scponly is to allow file transfers, which in turn allows a malicious user to transfer and execute entire custom scripts on the remote machine.

Discovery: 2004-11-28
Entry: 2004-12-02
Modified: 2004-12-12
rssh <= 2.2.2
scponly < 4.0

11791
11792
ports/74633
http://marc.theaimsgroup.com/?l=bugtraq&m=110202047507273