Secunia CSI 5.0
Products
Solutions
Customers
Partner
Resources
Company
Careers
Community

CVE Reference: CVE-2006-0225
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-0225

Description:
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/24305

UBUNTU
  http://www.ubuntu.com/usn/usn-255-1

TRUSTIX
  http://www.trustix.org/errata/2006/0004

SUSE
  http://www.novell.com/linux/security/advisories/2006_08_openssh.html

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1

ST
  1015540

SREASON
  http://securityreason.com/securityalert/462

SLACKWARE
  http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.425802

SGI

SAID
  Secunia Advisory: SA25936
  Secunia Advisory: SA25607
  Secunia Advisory: SA24479
  Secunia Advisory: SA23680
  Secunia Advisory: SA23340
  Secunia Advisory: SA23241
  Secunia Advisory: SA22196
  Secunia Advisory: SA21724
  Secunia Advisory: SA21492
  Secunia Advisory: SA21262
  Secunia Advisory: SA21129
  Secunia Advisory: SA20723
  Secunia Advisory: SA19159
  Secunia Advisory: SA18970
  Secunia Advisory: SA18969
  Secunia Advisory: SA18964
  Secunia Advisory: SA18910
  Secunia Advisory: SA18850
  Secunia Advisory: SA18798
  Secunia Advisory: SA18579
  Secunia Advisory: SA18595
  Secunia Advisory: SA18650
  Secunia Advisory: SA18736

REDHAT
  http://www.redhat.com/support/errata/RHSA-2006-0698.html
  http://www.redhat.com/support/errata/RHSA-2006-0298.html
  http://www.redhat.com/support/errata/RHSA-2006-0044.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1138
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9962

OSVDB
  22692

OPENPKG
  http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html

OPENBSD

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:034

HP
  http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml

FEDORA
  http://www.securityfocus.com/archive/1/archive/1/425397/100/0/threaded

CONFIRM
  http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability
  http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm
  http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm
  http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm
  http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
  http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
  http://docs.info.apple.com/article.html?artnum=305214
  http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm
  http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751
  http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688

CERT
  http://www.us-cert.gov/cas/techalerts/TA07-072A.html

BID
  16369

APPLE
  http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html


Return to the previous page.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports & Papers
Webinars
Events
 About us
Careers
Memberships
Newsroom
 
© 2002-2012 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability