Download
| Alert*
CVE-2012-2252
Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option. CVE-2012-3478 rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted environment variables in the command line. |