CVE-2012-2252 - OpenCVE

Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pizzashack	Rssh

Configuration 1 [-]

OR	cpe:2.3:a:pizzashack:rssh::::::::
	cpe:2.3:a:pizzashack:rssh:2.0.0:::::::*
	cpe:2.3:a:pizzashack:rssh:2.0.1:::::::*
	cpe:2.3:a:pizzashack:rssh:2.0.2:::::::*
	cpe:2.3:a:pizzashack:rssh:2.0.3:::::::*
	cpe:2.3:a:pizzashack:rssh:2.0.4:::::::*
	cpe:2.3:a:pizzashack:rssh:2.1.0:::::::*
	cpe:2.3:a:pizzashack:rssh:2.1.1:::::::*
	cpe:2.3:a:pizzashack:rssh:2.2.1:::::::*
	cpe:2.3:a:pizzashack:rssh:2.2.2:::::::*
	cpe:2.3:a:pizzashack:rssh:2.2.3:::::::*
	cpe:2.3:a:pizzashack:rssh:2.3.0:::::::*
	cpe:2.3:a:pizzashack:rssh:2.3.1:::::::*
	cpe:2.3:a:pizzashack:rssh:2.3.2:::::::*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2012-11/0101.html
http://osvdb.org/87926
http://secunia.com/advisories/51307
http://secunia.com/advisories/51343
http://www.debian.org/security/2012/dsa-2578
http://www.openwall.com/lists/oss-security/2012/11/27/15
http://www.openwall.com/lists/oss-security/2012/11/28/2
http://www.openwall.com/lists/oss-security/2012/11/28/3
http://www.securityfocus.com/bid/56708
https://bugzilla.redhat.com/show_bug.cgi?id=880177
https://exchange.xforce.ibmcloud.com/vulnerabilities/80335

History

No history.

MITRE

Status: PUBLISHED

Assigner: debian

Published: 2013-01-11T01:00:00

Updated: 2024-08-06T19:26:09.171Z

Reserved: 2012-04-16T00:00:00

Link: CVE-2012-2252

Vulnrichment

No data.

NVD

Status : Modified

Published: 2013-01-11T01:55:00.837

Modified: 2017-08-29T01:31:34.413

Link: CVE-2012-2252

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-11-27T00:00:00", "descriptions": [{"lang": "en", "value": "Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "51343", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51343"}, {"name": "51307", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51307"}, {"name": "[oss-security] 20121128 Re: rssh: incorrect filtering of command line options", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/11/28/2"}, {"name": "[oss-security] 20121128 rssh: incorrect filtering of command line options", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/11/27/15"}, {"name": "[oss-security] 20121127 Re: rssh: incorrect filtering of command line options", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/11/28/3"}, {"name": "DSA-2578", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2578"}, {"name": "rssh-command-line-command-exec(80335)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80335"}, {"name": "56708", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/56708"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880177"}, {"name": "87926", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/87926"}, {"name": "20121127 Re: rssh security announcement", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0101.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2012-2252", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "51343", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51343"}, {"name": "51307", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51307"}, {"name": "[oss-security] 20121128 Re: rssh: incorrect filtering of command line options", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/11/28/2"}, {"name": "[oss-security] 20121128 rssh: incorrect filtering of command line options", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/11/27/15"}, {"name": "[oss-security] 20121127 Re: rssh: incorrect filtering of command line options", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/11/28/3"}, {"name": "DSA-2578", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2578"}, {"name": "rssh-command-line-command-exec(80335)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80335"}, {"name": "56708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56708"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=880177", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880177"}, {"name": "87926", "refsource": "OSVDB", "url": "http://osvdb.org/87926"}, {"name": "20121127 Re: rssh security announcement", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0101.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:26:09.171Z"}, "title": "CVE Program Container", "references": [{"name": "51343", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51343"}, {"name": "51307", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51307"}, {"name": "[oss-security] 20121128 Re: rssh: incorrect filtering of command line options", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/11/28/2"}, {"name": "[oss-security] 20121128 rssh: incorrect filtering of command line options", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/11/27/15"}, {"name": "[oss-security] 20121127 Re: rssh: incorrect filtering of command line options", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/11/28/3"}, {"name": "DSA-2578", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2578"}, {"name": "rssh-command-line-command-exec(80335)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80335"}, {"name": "56708", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/56708"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880177"}, {"name": "87926", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/87926"}, {"name": "20121127 Re: rssh security announcement", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0101.html"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2012-2252", "datePublished": "2013-01-11T01:00:00", "dateReserved": "2012-04-16T00:00:00", "dateUpdated": "2024-08-06T19:26:09.171Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pizzashack:rssh:*:*:*:*:*:*:*:*", "matchCriteriaId": "541B5F5E-B34F-4E0C-99A0-99AF53D7536F", "versionEndIncluding": "2.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "405D117C-7A65-48DD-B898-4E7526A47392", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "02796C4B-F155-4D6B-9692-0C467B259B3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D3BE629-9E24-4E48-9ADD-61174BBAD270", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "147D0EA0-3F3E-488E-A5FF-618614B34D9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "994DDFAC-D9D6-4146-8628-5014E52A6847", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA58CBF8-1826-44D7-B2F0-999B8DA61F1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5D984CE9-5283-4DAE-9D42-9B5AE31A4002", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D718FA8D-2699-4150-AB39-357E1585EB46", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "255C9863-4D7E-46CE-A1C9-F897EFB85D38", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "72CB8450-D58D-4824-931F-2D61451F2C5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C75A3EB-ABDF-458B-8B49-505791EF8749", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F6BACEEB-9CBD-4E94-A3EF-61E220F2D68E", "vulnerable": true}, {"criteria": "cpe:2.3:a:pizzashack:rssh:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2F69D6E8-00A6-417C-A458-F8C4B90CB694", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option."}, {"lang": "es", "value": "Vulnerabilidad de lista negra incompleta en rssh antes de v2.3.4, cuando el protocolo rsync est\u00e1 activado, permite a los usuarios locales eludir las restricciones de acceso a la interfaz de comandos a trav\u00e9s de la opci\u00f3n --rsh de la l\u00ednea de comandos.\r\n"}], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/184.html 'CWE-184: Incomplete Blacklist'", "id": "CVE-2012-2252", "lastModified": "2017-08-29T01:31:34.413", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-01-11T01:55:00.837", "references": [{"source": "security@debian.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0101.html"}, {"source": "security@debian.org", "url": "http://osvdb.org/87926"}, {"source": "security@debian.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51307"}, {"source": "security@debian.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51343"}, {"source": "security@debian.org", "url": "http://www.debian.org/security/2012/dsa-2578"}, {"source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2012/11/27/15"}, {"source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2012/11/28/2"}, {"source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2012/11/28/3"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/bid/56708"}, {"source": "security@debian.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880177"}, {"source": "security@debian.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80335"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}