ID |
CVE-2005-4533
|
Summary |
Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:scponly:scponly:2.0:*:*:*:*:*:*:*
cpe:2.3:a:scponly:scponly:2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:scponly:scponly:2.1:*:*:*:*:*:*:*
cpe:2.3:a:scponly:scponly:2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:scponly:scponly:3.0:*:*:*:*:*:*:*
cpe:2.3:a:scponly:scponly:3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:scponly:scponly:3.5:*:*:*:*:*:*:*
cpe:2.3:a:scponly:scponly:3.5:*:*:*:*:*:*:*
-
cpe:2.3:a:scponly:scponly:3.8:*:*:*:*:*:*:*
cpe:2.3:a:scponly:scponly:3.8:*:*:*:*:*:*:*
-
cpe:2.3:a:scponly:scponly:3.9:*:*:*:*:*:*:*
cpe:2.3:a:scponly:scponly:3.9:*:*:*:*:*:*:*
-
cpe:2.3:a:scponly:scponly:3.11:*:*:*:*:*:*:*
cpe:2.3:a:scponly:scponly:3.11:*:*:*:*:*:*:*
-
cpe:2.3:a:scponly:scponly:4.1:*:*:*:*:*:*:*
cpe:2.3:a:scponly:scponly:4.1:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.5 (as of 12-10-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
12-10-2017 - 01:29 |
Published |
28-12-2005 - 01:03 |
Last modified |
12-10-2017 - 01:29 |