[Secure-testing-team] [oss-security] rssh: incorrect filtering of command line options
Yves-Alexis Perez
corsac at debian.org
Tue Nov 27 23:42:45 UTC 2012
On mer., 2012-11-28 at 00:21 +0100, Yves-Alexis Perez wrote:
> CVE-2012-2251
> Incorrect filtering of the "--rsh" option: the filter preventing usage of the
> "--rsh=" option would not prevent passing "--rsh". This vulnerability affects
> upstream code.
>
This is indeed CVE-2012-2252, sorry for that.
Regards,
--
Yves-Alexis Perez
Debian Security
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20121128/6a2058e6/attachment.pgp>
More information about the Secure-testing-team
mailing list