Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2019-3464
Description:Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
Test IDs: 1.3.6.1.4.1.25623.1.0.891660  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-3464
BugTraq ID: 106839
http://www.securityfocus.com/bid/106839
Debian Security Information: DSA-4382 (Google Search)
https://www.debian.org/security/2019/dsa-4382
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KR2OHTHMJVV4DO3HDRFQQZ5JENHDJQEN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T42YYNWJZG422GATWAHAEK4A24OKY557/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO3MDU3AH5SLYBKHH5PJ6PHC63ASIF42/
http://seclists.org/fulldisclosure/2021/May/78
https://security.gentoo.org/glsa/202007-29
https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/
https://lists.debian.org/debian-lts-announce/2019/02/msg00007.html
https://usn.ubuntu.com/3946-1/




© 1998-2021 E-Soft Inc. All rights reserved.