English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 105192 CVE descriptions
and 55704 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-1728
2008-02-15 21:19:11
--------------------------------------------------------------------------------

Name        : scponly
Product     : Fedora 7
Version     : 4.6
Release     : 10.fc7
URL         : http://sublimation.org/scponly/
Summary     : Restricted shell for ssh based file services
Description :
scponly is an alternative 'shell' for system administrators
who would like to provide access to remote users to both
read and write local files without providing any remote
execution priviledges. Functionally, it is best described
as a wrapper to the "tried and true" ssh suite of applications.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 13 2008 Tomas Hoger <thoger@redhat.com> - 4.6-10
- Add patch to prevent restriction bypass using OpenSSH's scp options -F
  and -o (CVE-2007-6415, #426072)
* Mon Feb 11 2008 Warren Togami <wtogami@redhat.com> - 4.6-9
- rebuild with gcc-4.3
* Tue Dec 11 2007 Toshio Kuratomi <a.badger@gmail.com> - 4.6-8
- Disable rsync support due to security concerns: RH BZ#418201
* Tue Aug 21 2007 Warren Togami <wtogami@redhat.com> - 4.6-7
- rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #418201 - CVE-2007-6350 scponly: rsync, svn and unison support may be dangerous
        https://bugzilla.redhat.com/show_bug.cgi?id=418201
  [ 2 ] Bug #426072 - CVE-2007-6415 scponly: scp restriction bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=426072
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update scponly' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.