CVE-2002-1469 in scponlyinformazioni

Riassunto

di MITRE

scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgazione

22/04/2003

Moderazione

accettato

Voce

VDB-20378

CPE

pronto

CWE

CWE-269 (confermato)

Sfruttamento

Scaricare

CVSS

7.5 (NVD)

EPSS

0.02865

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1469
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1469
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1469/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!