Explore top 10 tips to secure your open-source projects now. Read More
×Gentoo Linux Security Advisory GLSA 200512-15
https://security.gentoo.org/
Severity: High
Title: rssh: Privilege escalation
Date: December 27, 2005
Bugs: #115082
ID: 200512-15
Synopsis
=======
Local users could gain root privileges by chrooting into arbitrary
directories.
Background
=========
rssh is a restricted shell, allowing only a few commands like scp or
sftp. It is often used as a complement to OpenSSH to provide limited
access to users.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-shells/rssh < 2.3.0 >= 2.3.0
==========
Max Vozeler discovered that the rssh_chroot_helper command allows local
users to chroot into arbitrary directories.
...
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.