Package(s):	scponly	CVE #(s):	CVE-2005-4532
Created:	December 29, 2005	Updated:	February 13, 2006
Description:	The scponly restricted shell has a privilege escalation vulnerability. Local users can chroot into arbitrary directories, and can gain root privileges if a directory contains hard links to setuid programs. Also, scponly does not properly validate command line parameters to the scp and rsync commands.
Alerts:	Debian DSA-969-1 scponly 2006-02-13 Gentoo 200512-17 scponly 2005-12-29

---

to post comments