Detections
Analytics

CVE-2005-4533

high

Description

Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/23875

http://www.securityfocus.com/bid/16051

http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml

http://sublimation.org/scponly/#relnotes

http://secunia.com/advisories/18236

http://secunia.com/advisories/18223

Details

Source: Mitre, NVD

Published: 2005-12-28

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High