[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2008:191 -- Mandriva rsh

ID: oval:org.secpod.oval:def:301638Date: (C)2012-01-07   (M)2021-06-06
Class: PATCHFamily: unix




A vulnerability in the rcp protocol was discovered that allows a server to instruct a client to write arbitrary files outside of the current directory, which could potentially be a security concern if a user used rcp to copy files from a malicious server . This issue was originally corrected in MDKSA-2005:100, but the patch had not been applied to the development tree, so released packages after that date did not have the fix applied. This update also corrects an issue where rexecd did not honor settings in /etc/security/limits if pam_limits was in use.

Platform:
Mandriva Linux 2007.1
Mandriva Linux 2008.1
Mandriva Linux 2008.0
Product:
rsh
Reference:
MDVSA-2008:191
CVE-2004-0175
CVE    1
CVE-2004-0175
CPE    3
cpe:/o:mandriva:linux:2008.1
cpe:/o:mandriva:linux:2007.1
cpe:/o:mandriva:linux:2008.0

© SecPod Technologies