Bypassing Restricted Shell Access in rssh 2.3.2 via Command Line Options

Bypassing Restricted Shell Access in rssh 2.3.2 via Command Line Options

CVE-2012-2251 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option.

Learn more about our Cis Benchmark Audit For Debian Linux.