Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1320

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1320
Last Modified 05 Sep 2008 05:01:35
Published 20 Mar 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1320

Summary

util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf.

Vulnerable Systems

Application

  • Rssh 2.3.0


References

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346322

XF - debian-rssh-rsync-rdist-bypass-security(25424)

BID - 18999

DEBIAN - DSA-1109

SECUNIA - 21087


Last Updated: 27 May 2016 10:42:02