CVE-2019-1000018

NameCVE-2019-1000018
Descriptionrssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the allowscp permission.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1650-1, DSA-4377-1
NVD severitymedium
Debian Bugs919623

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
rssh (PTS)stretch, stretch (security)2.3.4-5+deb9u4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
rsshsourcejessie2.3.4-4+deb8u1DLA-1650-1
rsshsourcestretch2.3.4-5+deb9u1DSA-4377-1
rsshsource(unstable)2.3.4-9919623

Notes

https://sourceforge.net/p/rssh/mailman/message/36519118/
Search for package or bug name: Reporting problems