返回 CVE 浏览器

CVE-2004-1628

CRITICAL

9.0

CVSS Severity Score

EPSS Score0.1400%

EPSS Percentile7.12th

Published2004年10月23日

Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code.

Affected Platforms (CPE)

📦

Pizzashack

Rssh

< 2.2.2

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=109855982425122&w=2

🔗 http://secunia.com/advisories/12954

🔗 http://www.gentoo.org/security/en/glsa/glsa-200410-28.xml

🔗 http://www.pizzashack.org/rssh/

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17831

🔗 http://marc.info/?l=bugtraq&m=109855982425122&w=2

🔗 http://secunia.com/advisories/12954

🔗 http://www.gentoo.org/security/en/glsa/glsa-200410-28.xml

相关漏洞威胁

CVE-2019-34639.8

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should...

CVE-2019-34649.8

Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell...

CVE-2019-10000187.8

rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerab...

CVE-2004-11617.5

rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass...