Scponly May Let Remote Authenticated Users Execute Arbitrary Commands
SecurityTracker Alert ID: 1019103
SecurityTracker URL: http://securitytracker.com/id/1019103
CVE Reference:
CVE-2007-6350
Date: Dec 17 2007
Impact:
Execution of arbitrary code via network, User access via network
Vendor Confirmed: Yes Exploit Included: Yes
Version(s): 4.6 and prior versions
Description:
A vulnerability was reported in Scponly. A remote authenticated user can execute arbitrary commands on the target system.
A remote authenticated user can invoke certain subcommands that scponly permits to bypass the intended shell restrictions and execute arbitrary commands.
The unison, rsync, svnserve, and svn subcommands are affected.
Joachim Breitner reported this vulnerability.
Impact:
A remote authenticated user can execute arbitrary commands on the target system.
Solution:
No solution was available at the time of this entry.
The vendor has provided an updated security document to warn of the risks associated with this vulnerability.
Vendor URL: sublimation.org/scponly/wiki/index.php/Main_Page
Cause:
Access control error
Underlying OS:
Linux (Any), UNIX (Any)
Message History:
None.
Source Message Contents
Date: Mon, 17 Dec 2007 09:26:00 -0500
Subject: scponly
CVE-2007-6350
CVE wrote:
scponly 4.6 and earlier allows remote authenticated users to bypass intended
restrictions and execute code by invoking dangerous subcommands including (1) unison,
(2) rsync, and (3) svn, as originally demonstrated by creating a Subversion (SVN)
repository with malicious hooks, then using svn to trigger execution of those hooks.
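As an added defensive check, not part of this advisory or of the scponly project, the following Python script audits a directory tree for Subversion repositories carrying live hook scripts, which is the precondition the CVE text describes; an administrator hosting repositories reachable by scponly accounts can run it to find repositories whose hooks the server would execute. Hook names, the `.tmpl` convention and the repository layout are standard Subversion; the sample repository built in `demo()` is constructed for illustration.

```python
import os
import stat
import tempfile
from pathlib import Path

# Hook scripts Subversion runs on repository events. Subversion installs
# each as <name>.tmpl; a live hook is the bare name with the execute bit set.
SVN_HOOK_NAMES = (
    "start-commit", "pre-commit", "post-commit",
    "pre-revprop-change", "post-revprop-change",
    "pre-lock", "post-lock", "pre-unlock", "post-unlock",
)

def is_svn_repository(path):
    """Cheap layout check: a repository root has a format file, db/ and hooks/."""
    return (path / "format").is_file() and (path / "db").is_dir() and (path / "hooks").is_dir()

def active_hooks(repo):
    """Names of hooks in repo/hooks that Subversion would actually execute."""
    hooks_dir = repo / "hooks"
    return [name for name in SVN_HOOK_NAMES
            if (hooks_dir / name).is_file() and os.access(hooks_dir / name, os.X_OK)]

def audit_hooks(root, restricted_uids=None):
    """Walk root and report (repo_path, owner_uid, hooks) for every repository
    with live hooks; with restricted_uids given, only repositories owned by one
    of those uids (e.g. the scponly accounts) are reported."""
    findings = []
    for dirpath, dirnames, _files in os.walk(root):
        repo = Path(dirpath)
        if not is_svn_repository(repo):
            continue
        dirnames[:] = []  # a repository does not contain further repositories
        owner = repo.stat().st_uid
        hooks = active_hooks(repo)
        if hooks and (restricted_uids is None or owner in restricted_uids):
            findings.append((str(repo), owner, hooks))
    return findings

def demo():
    """Build a constructed sample repository in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        repo = Path(tmp) / "repos" / "project"
        (repo / "db").mkdir(parents=True)
        (repo / "hooks").mkdir()
        (repo / "format").write_text("5\n")
        hook = repo / "hooks" / "pre-commit"  # live hook: executable, no .tmpl suffix
        hook.write_text("#!/bin/sh\nexit 0\n")
        hook.chmod(hook.stat().st_mode | stat.S_IXUSR)
        (repo / "hooks" / "post-commit.tmpl").write_text("# shipped template, never run\n")
        return [(Path(p).name, hooks) for p, _uid, hooks in audit_hooks(tmp)]
```

Run `audit_hooks("/srv/svn", {uid_of_each_scponly_account})` against the real repository root; only repositories whose hook scripts are both present and executable are reported, since Subversion ignores the shipped `.tmpl` templates.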