From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- metadata/glsa/glsa-200703-13.xml | 68 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 metadata/glsa/glsa-200703-13.xml (limited to 'metadata/glsa/glsa-200703-13.xml') diff --git a/metadata/glsa/glsa-200703-13.xml b/metadata/glsa/glsa-200703-13.xml new file mode 100644 index 000000000000..c384ed34f406 --- /dev/null +++ b/metadata/glsa/glsa-200703-13.xml @@ -0,0 +1,68 @@ + + + + SSH Communications Security's Secure Shell Server: SFTP privilege escalation + + The SSH Secure Shell Server SFTP function is vulnerable to privilege + escalation. + + net-misc/ssh + 2007-03-14 + 2007-03-14: 01 + 168584 + remote + + + 4.3.7 + + + +

+ The SSH Secure Shell Server from SSH Communications Security + (www.ssh.com) is a commercial SSH implementation available free for + non-commercial use. +

+ + +

+ The SSH Secure Shell Server contains a format string vulnerability in + the SFTP code that handles file transfers (scp2 and sftp2). In some + situations, this code passes the accessed filename to the system log. + During this operation, an unspecified error could allow uncontrolled + stack access. +

+ + +

+ An authenticated system user may be able to exploit this vulnerability + to bypass command restrictions, or run commands as another user. +

+ + +

+ There is no known workaround at this time. +

+ + +

+ This package is currently masked, there is no upgrade path for the + 3.2.x version, and a license must be purchased in order to update to a + non-vulnerable version. Because of this, we recommend unmerging this + package: +

+ + # emerge --ask --verbose --unmerge net-misc/ssh + + + CVE-2006-0705 + + + vorlon + + + vorlon + + + aetius + + -- cgit v1.2.3