CVE-2012-2252

Medium

4.4/10

Summary

Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option.

Access Complexity: MEDIUM
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Jan 11, 2013

CVE-2012-2252

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS