CVE-2005-3345 - rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges b

CVE-2005-3345

Summary

rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rssh_chroot_helper command to chroot to an external directory.

References

Vulnerable Configurations

cpe:2.3:a:rssh:rssh:2.0:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.0:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.1:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.1:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.2:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.2:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:rssh:rssh:2.2.3:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 11-07-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	16050
confirm	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344424 http://www.pizzashack.org/rssh/security.shtml
gentoo	GLSA-200512-15
secunia	18224 18237
sreason	308
xf	rssh-chroot-gain-privileges(23854)

Last major update

11-07-2017 - 01:33

Published

28-12-2005 - 22:03

Last modified

11-07-2017 - 01:33