CVE-2012-2251 Information

Description

rssh 2.3.2 as used by Debian Fedora and others when the rsync protocol is enabled allows local users to bypass intended restricted shell access via a (1) -e\ or (2) --\ command line option.

Reference

http://archives.neohapsis.com/archives/bugtraq/2012-11/0101.html http://secunia.com/advisories/51307 http://www.debian.org/security/2012/dsa-2578 http://www.openwall.com/lists/oss-security/2012/11/27/15 http://www.securityfocus.com/bid/56708 https://bugzilla.redhat.com/show_bug.cgi?id=877279 https://exchange.xforce.ibmcloud.com/vulnerabilities/80334