4.6

CVE-2006-0225

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenssh Version3.0
OpenbsdOpenssh Version3.0.1
OpenbsdOpenssh Version3.0.1p1
OpenbsdOpenssh Version3.0.2
OpenbsdOpenssh Version3.0.2p1
OpenbsdOpenssh Version3.0p1
OpenbsdOpenssh Version3.1
OpenbsdOpenssh Version3.1p1
OpenbsdOpenssh Version3.2
OpenbsdOpenssh Version3.2.2p1
OpenbsdOpenssh Version3.2.3p1
OpenbsdOpenssh Version3.3
OpenbsdOpenssh Version3.3p1
OpenbsdOpenssh Version3.4
OpenbsdOpenssh Version3.4p1
OpenbsdOpenssh Version3.5
OpenbsdOpenssh Version3.5p1
OpenbsdOpenssh Version3.6
OpenbsdOpenssh Version3.6.1
OpenbsdOpenssh Version3.6.1p1
OpenbsdOpenssh Version3.6.1p2
OpenbsdOpenssh Version3.7
OpenbsdOpenssh Version3.7.1
OpenbsdOpenssh Version3.7.1p2
OpenbsdOpenssh Version3.8
OpenbsdOpenssh Version3.8.1
OpenbsdOpenssh Version3.8.1p1
OpenbsdOpenssh Version3.9
OpenbsdOpenssh Version3.9.1
OpenbsdOpenssh Version3.9.1p1
OpenbsdOpenssh Version4.0p1
OpenbsdOpenssh Version4.1p1
OpenbsdOpenssh Version4.2p1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.47% 0.372
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
http://secunia.com/advisories/21129
http://secunia.com/advisories/21262
http://secunia.com/advisories/21724
http://secunia.com/advisories/22196
http://secunia.com/advisories/23680
http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm
http://www.redhat.com/support/errata/RHSA-2006-0298.html
http://www.redhat.com/support/errata/RHSA-2006-0698.html
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www.securityfocus.com/archive/1/425397/100/0/threaded
http://secunia.com/advisories/23340
http://docs.info.apple.com/article.html?artnum=305214
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://secunia.com/advisories/24479
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
US Government Resource
http://www.vupen.com/english/advisories/2007/0930
http://www.trustix.org/errata/2006/0004
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch
http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112
http://secunia.com/advisories/18579
http://secunia.com/advisories/18595
Patch
Vendor Advisory
http://secunia.com/advisories/18650
http://secunia.com/advisories/18736
http://secunia.com/advisories/18798
http://secunia.com/advisories/18850
http://secunia.com/advisories/18910
http://secunia.com/advisories/18964
http://secunia.com/advisories/18969
http://secunia.com/advisories/18970
http://secunia.com/advisories/19159
http://secunia.com/advisories/20723
http://secunia.com/advisories/21492
http://secunia.com/advisories/23241
http://secunia.com/advisories/25607
http://secunia.com/advisories/25936
http://securityreason.com/securityalert/462
http://securitytracker.com/id?1015540
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.425802
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1
http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm
http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:034
http://www.novell.com/linux/security/advisories/2006_08_openssh.html
http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html
http://www.osvdb.org/22692
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00062.html
http://www.redhat.com/support/errata/RHSA-2006-0044.html
http://www.securityfocus.com/bid/16369
http://www.ubuntu.com/usn/usn-255-1
http://www.vupen.com/english/advisories/2006/0306
http://www.vupen.com/english/advisories/2006/2490
http://www.vupen.com/english/advisories/2006/4869
http://www.vupen.com/english/advisories/2007/2120
http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026
https://exchange.xforce.ibmcloud.com/vulnerabilities/24305
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1138
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9962