CVE-2005-4533

EPSS 0.63%
Veröffentlicht 28.12.2005 01:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Scponly ≫ Scponly Version2.0

Scponly ≫ Scponly Version2.1

Scponly ≫ Scponly Version3.0

Scponly ≫ Scponly Version3.5

Scponly ≫ Scponly Version3.8

Scponly ≫ Scponly Version3.9

Scponly ≫ Scponly Version3.11

Scponly ≫ Scponly Version4.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.63%	0.679

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/18223

Patch

Vendor Advisory

http://secunia.com/advisories/18236

http://sublimation.org/scponly/#relnotes

http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml

http://www.securityfocus.com/bid/16051

https://exchange.xforce.ibmcloud.com/vulnerabilities/23875

https://nvd.nist.gov/vuln/detail/CVE-2005-4533

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-4533

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-4533

EUVD