Debian Security Advisory DSA 2530-1 (rssh) Network Vulnerability

Summary

The remote host is missing an update to rssh announced via advisory DSA 2530-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202530-1

Insight

Henrik Erkkonen discovered that rssh, a restricted shell for SSH, does not properly restrict shell access. For the stable distribution (squeeze), this problem has been fixed in version 2.3.2-13squeeze1. For the unstable distribution (sid), this problem has been fixed in version 2.3.3-5. We recommend that you upgrade your rssh packages.

Severity

Classification

CVE CVE-2012-3478

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 2376-1 (ipmitool)
Debian Security Advisory DSA 1138-1 (cfs)
Debian Security Advisory DSA 1078-1 (tiff)
Debian Security Advisory DSA 1402-1 (gforge)
Debian Security Advisory DSA 1947-1 (shibboleth-sp, shibboleth-sp2, opensaml2)

Take action and discover your vulnerabilities