CVE-2007-6350 Information

Description

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison (2) rsync (3) svn and (4) svnserve as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks then using svn to trigger execution of those hooks.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148 http://bugs.gentoo.org/show_bug.cgi?id=201726 http://osvdb.org/44137 http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup http://secunia.com/advisories/28123 http://secunia.com/advisories/28538 http://secunia.com/advisories/28944 http://secunia.com/advisories/28981 http://security.gentoo.org/glsa/glsa-200802-06.xml http://www.debian.org/security/2008/dsa-1473 http://www.securityfocus.com/bid/26900 http://www.securitytracker.com/id?1019103 http://www.vupen.com/english/advisories/2007/4243 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00546.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00595.html