Bypassing Authorized Keys2 Command Restrictions in OpenSSH SFTP Server

Bypassing Authorized Keys2 Command Restrictions in OpenSSH SFTP Server

CVE-2001-0816 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.

Learn more about our Cis Benchmark Audit For Server Software.