CVE-2002-1469 in scponlyinfo

Zusammenfassung

von MITRE

scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Veröffentlichung

22.04.2003

Moderieren

akzeptiert

Eintrag

VDB-20378

CPE

bereit

CWE

CWE-269 (bestätigt)

Exploit

Download

CVSS

7.5 (NVD)

EPSS

0.02865

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1469
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1469
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1469/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!