Vulnerabilities > CVE-2005-4533 - Unspecified vulnerability in Scponly
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN scponly
nessus
Summary
Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 8 |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-969.NASL description Max Vozeler discovered a vulnerability in scponly, a utility to restrict user commands to scp and sftp, that could lead to the execution of arbitrary commands as root. The system is only vulnerable if the program scponlyc is installed setuid root and if regular users have shell access to the machine. last seen 2020-06-01 modified 2020-06-02 plugin id 22835 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22835 title Debian DSA-969-1 : scponly - design error NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200512-17.NASL description The remote host is affected by the vulnerability described in GLSA-200512-17 (scponly: Multiple privilege escalation issues) Max Vozeler discovered that the scponlyc command allows users to chroot into arbitrary directories. Furthermore, Pekka Pessi reported that scponly insufficiently validates command-line parameters to a scp or rsync command. Impact : A local attacker could gain root privileges by chrooting into arbitrary directories containing hardlinks to setuid programs. A remote scponly user could also send malicious parameters to a scp or rsync command that would allow to escape the shell restrictions and execute arbitrary programs. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 20358 published 2005-12-30 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20358 title GLSA-200512-17 : scponly: Multiple privilege escalation issues
References
- http://secunia.com/advisories/18223
- http://secunia.com/advisories/18223
- http://secunia.com/advisories/18236
- http://secunia.com/advisories/18236
- http://sublimation.org/scponly/#relnotes
- http://sublimation.org/scponly/#relnotes
- http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml
- http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml
- http://www.securityfocus.com/bid/16051
- http://www.securityfocus.com/bid/16051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23875
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23875