7.5

CVE-2005-4533

Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ScponlyScponly Version2.0
ScponlyScponly Version2.1
ScponlyScponly Version3.0
ScponlyScponly Version3.5
ScponlyScponly Version3.8
ScponlyScponly Version3.9
ScponlyScponly Version3.11
ScponlyScponly Version4.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.46% 0.701
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/18223
Patch
Vendor Advisory
http://secunia.com/advisories/18236
http://sublimation.org/scponly/#relnotes
http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml
http://www.securityfocus.com/bid/16051
https://exchange.xforce.ibmcloud.com/vulnerabilities/23875