[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-6415Date: (C)2008-01-24   (M)2023-12-22


scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 8.5
Exploit Score: 8.0
Impact Score: 9.2
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: NONE
  
Reference:
SECUNIA-28538
SECUNIA-28944
SECUNIA-28981
DSA-1473
FEDORA-2008-1728
FEDORA-2008-1743
GLSA-200802-06
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148
http://bugs.gentoo.org/show_bug.cgi?id=203099

CPE    2
cpe:/o:debian:debian_linux:3.1
cpe:/o:debian:debian_linux:4.0
CWE    1
CWE-94
OVAL    1
oval:org.mitre.oval:def:7732

© SecPod Technologies