rssh CVE-2012-3478 Security Bypass Vulnerability
BID:53430
Info
rssh CVE-2012-3478 Security Bypass Vulnerability
| Bugtraq ID: | 53430 |
| Class: | Design Error |
| CVE: |
CVE-2012-3478 |
| Remote: | Yes |
| Local: | No |
| Published: | May 08 2012 12:00AM |
| Updated: | Apr 13 2015 09:45PM |
| Credit: | Henrik Erkkonen |
| Vulnerable: |
rssh rssh 2.3.3 rssh rssh 2.3.1 rssh rssh 2.3 rssh rssh 2.2.3 rssh rssh 2.2.2 rssh rssh 2.2.1 rssh rssh 2.2 rssh rssh 2.1 rssh rssh 2.0 Gentoo Linux Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: | |
Discussion
rssh CVE-2012-3478 Security Bypass Vulnerability
rssh is prone to a security-bypass vulnerability.
Attackers may exploit this issue to bypass certain security restrictions and perform unauthorized actions.
rssh versions 2.3.3 and prior are vulnerable.
http://drupal.org/node/207891
rssh is prone to a security-bypass vulnerability.
Attackers may exploit this issue to bypass certain security restrictions and perform unauthorized actions.
rssh versions 2.3.3 and prior are vulnerable.
http://drupal.org/node/207891
Exploit / POC
rssh CVE-2012-3478 Security Bypass Vulnerability
Attackers can use standard commands to exploit this issue.
Attackers can use standard commands to exploit this issue.
Solution / Fix
rssh CVE-2012-3478 Security Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].