7.5

CVE-2004-1162

Exploit

EPSS 0.65%
Veröffentlicht 10.01.2005 05:00:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The unison command in scponly before 4.0 does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via the (1) -rshcmd or (2) -sshcmd flags.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

NVD 10 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Scponly ≫ Scponly Version2.0

Scponly ≫ Scponly Version2.1

Scponly ≫ Scponly Version2.3

Scponly ≫ Scponly Version2.4

Scponly ≫ Scponly Version3.0

Scponly ≫ Scponly Version3.5

Scponly ≫ Scponly Version3.8

Scponly ≫ Scponly Version3.9

Scponly ≫ Scponly Version3.11

Gentoo ≫ Linux

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.65%	0.684

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://marc.info/?l=bugtraq&m=110202047507273&w=2

http://marc.info/?l=bugtraq&m=110581113814623&w=2

http://www.gentoo.org/security/en/glsa/glsa-200412-01.xml

http://www.securityfocus.com/bid/11791

Patch

Vendor Advisory

Exploit

http://www.sublimation.org/scponly/#relnotes

https://exchange.xforce.ibmcloud.com/vulnerabilities/18362

https://nvd.nist.gov/vuln/detail/CVE-2004-1162

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1162

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1162

EUVD