CVE-2006-0225

EPSS 0.08%
Veröffentlicht 25.01.2006 11:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 67

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Openbsd ≫ Openssh Version3.0

Openbsd ≫ Openssh Version3.0.1

Openbsd ≫ Openssh Version3.0.1p1

Openbsd ≫ Openssh Version3.0.2

Openbsd ≫ Openssh Version3.0.2p1

Openbsd ≫ Openssh Version3.0p1

Openbsd ≫ Openssh Version3.1

Openbsd ≫ Openssh Version3.1p1

Openbsd ≫ Openssh Version3.2

Openbsd ≫ Openssh Version3.2.2p1

Openbsd ≫ Openssh Version3.2.3p1

Openbsd ≫ Openssh Version3.3

Openbsd ≫ Openssh Version3.3p1

Openbsd ≫ Openssh Version3.4

Openbsd ≫ Openssh Version3.4p1

Openbsd ≫ Openssh Version3.5

Openbsd ≫ Openssh Version3.5p1

Openbsd ≫ Openssh Version3.6

Openbsd ≫ Openssh Version3.6.1

Openbsd ≫ Openssh Version3.6.1p1

Openbsd ≫ Openssh Version3.6.1p2

Openbsd ≫ Openssh Version3.7

Openbsd ≫ Openssh Version3.7.1

Openbsd ≫ Openssh Version3.7.1p2

Openbsd ≫ Openssh Version3.8

Openbsd ≫ Openssh Version3.8.1

Openbsd ≫ Openssh Version3.8.1p1

Openbsd ≫ Openssh Version3.9

Openbsd ≫ Openssh Version3.9.1

Openbsd ≫ Openssh Version3.9.1p1

Openbsd ≫ Openssh Version4.0p1

Openbsd ≫ Openssh Version4.1p1

Openbsd ≫ Openssh Version4.2p1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.251

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

http://secunia.com/advisories/21129

http://secunia.com/advisories/21262

http://secunia.com/advisories/21724

http://secunia.com/advisories/22196

http://secunia.com/advisories/23680

http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm

http://www.redhat.com/support/errata/RHSA-2006-0298.html

http://www.redhat.com/support/errata/RHSA-2006-0698.html

http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html

http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html

http://www.securityfocus.com/archive/1/425397/100/0/threaded

http://secunia.com/advisories/23340

http://docs.info.apple.com/article.html?artnum=305214

http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

http://secunia.com/advisories/24479

http://www.us-cert.gov/cas/techalerts/TA07-072A.html

US Government Resource

http://www.vupen.com/english/advisories/2007/0930

http://www.trustix.org/errata/2006/0004

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch

http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability

http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112

http://secunia.com/advisories/18579

http://secunia.com/advisories/18595

Patch

Vendor Advisory

http://secunia.com/advisories/18650

http://secunia.com/advisories/18736

http://secunia.com/advisories/18798

http://secunia.com/advisories/18850

http://secunia.com/advisories/18910

http://secunia.com/advisories/18964

http://secunia.com/advisories/18969

http://secunia.com/advisories/18970

http://secunia.com/advisories/19159

http://secunia.com/advisories/20723

http://secunia.com/advisories/21492

http://secunia.com/advisories/23241

http://secunia.com/advisories/25607

http://secunia.com/advisories/25936

http://securityreason.com/securityalert/462

http://securitytracker.com/id?1015540

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.425802

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1

http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm

http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm

http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm

http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2006:034

http://www.novell.com/linux/security/advisories/2006_08_openssh.html

http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html

http://www.osvdb.org/22692

http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00062.html

http://www.redhat.com/support/errata/RHSA-2006-0044.html

http://www.securityfocus.com/bid/16369

http://www.ubuntu.com/usn/usn-255-1

http://www.vupen.com/english/advisories/2006/0306

http://www.vupen.com/english/advisories/2006/2490

http://www.vupen.com/english/advisories/2006/4869

http://www.vupen.com/english/advisories/2007/2120

http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688

http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026

https://exchange.xforce.ibmcloud.com/vulnerabilities/24305

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1138

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9962

https://nvd.nist.gov/vuln/detail/CVE-2006-0225

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0225

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0225

EUVD