Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Gentoo GLSA 200512-15 High: rssh Privilege Escalation Attack

gentoo
Calendar Grey December 27, 2005
Scroller Gentoo
Community members might obtain administrative privileges via rssh chroot exploit in Gentoo Linux. Update advised for protection.
Local users could gain root privileges by chrooting into arbitrary directories.

Summary

Gentoo Linux Security Advisory GLSA 200512-15 https://security.gentoo.org/ Severity: High Title: rssh: Privilege escalation Date: December 27, 2005 Bugs: #115082 ID: 200512-15

Synopsis ======= Local users could gain root privileges by chrooting into arbitrary directories.
Background ========= rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-shells/rssh < 2.3.0 >= 2.3.0
========== Max Vozeler discovered that the rssh_chroot_helper command allows local users to chroot into arbitrary directories.
...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround