CVE-2006-0225

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

Published: 2006-01-25 11:03
Updated: 2018-10-19 15:43

CVSS Score: 4.6 / 10
Vendor Product Version URI
Openbsd Openssh 3.6.1p1 cpe:/a:openbsd:openssh:3.6.1p1
Openbsd Openssh 3.0p1 cpe:/a:openbsd:openssh:3.0p1
Openbsd Openssh 3.1p1 cpe:/a:openbsd:openssh:3.1p1
Openbsd Openssh 3.0.1 cpe:/a:openbsd:openssh:3.0.1
Openbsd Openssh 3.0.2 cpe:/a:openbsd:openssh:3.0.2
Openbsd Openssh 3.3p1 cpe:/a:openbsd:openssh:3.3p1
Openbsd Openssh 3.4p1 cpe:/a:openbsd:openssh:3.4p1
Openbsd Openssh 3.5p1 cpe:/a:openbsd:openssh:3.5p1
Openbsd Openssh 3.7.1p2 cpe:/a:openbsd:openssh:3.7.1p2
Openbsd Openssh 3.6.1 cpe:/a:openbsd:openssh:3.6.1
Openbsd Openssh 3.7.1 cpe:/a:openbsd:openssh:3.7.1
Openbsd Openssh 3.8.1p1 cpe:/a:openbsd:openssh:3.8.1p1
Openbsd Openssh 3.0.2p1 cpe:/a:openbsd:openssh:3.0.2p1
Openbsd Openssh 3.0.1p1 cpe:/a:openbsd:openssh:3.0.1p1
Openbsd Openssh 3.0 cpe:/a:openbsd:openssh:3.0
Openbsd Openssh 3.9.1p1 cpe:/a:openbsd:openssh:3.9.1p1
Openbsd Openssh 3.2 cpe:/a:openbsd:openssh:3.2
Openbsd Openssh 3.1 cpe:/a:openbsd:openssh:3.1
Openbsd Openssh 3.8 cpe:/a:openbsd:openssh:3.8
Openbsd Openssh 3.7 cpe:/a:openbsd:openssh:3.7
Openbsd Openssh 3.9 cpe:/a:openbsd:openssh:3.9
Openbsd Openssh 3.4 cpe:/a:openbsd:openssh:3.4
Openbsd Openssh 3.3 cpe:/a:openbsd:openssh:3.3
Openbsd Openssh 3.6 cpe:/a:openbsd:openssh:3.6
Openbsd Openssh 3.5 cpe:/a:openbsd:openssh:3.5
Openbsd Openssh 3.8.1 cpe:/a:openbsd:openssh:3.8.1
Openbsd Openssh 3.9.1 cpe:/a:openbsd:openssh:3.9.1
Openbsd Openssh 4.0p1 cpe:/a:openbsd:openssh:4.0p1
Openbsd Openssh 3.2.3p1 cpe:/a:openbsd:openssh:3.2.3p1
Openbsd Openssh 3.2.2p1 cpe:/a:openbsd:openssh:3.2.2p1
Openbsd Openssh 4.1p1 cpe:/a:openbsd:openssh:4.1p1
Openbsd Openssh 3.6.1p2 cpe:/a:openbsd:openssh:3.6.1p2
Openbsd Openssh 4.2p1 cpe:/a:openbsd:openssh:4.2p1

CWE

There is no CWE for this CVE.

References

Source Link
FEDORA http://www.securityfocus.com/archive/1/425397/100/0/threaded
OPENBSD ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch
SGI ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
CONFIRM http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability
CONFIRM http://docs.info.apple.com/article.html?artnum=305214
APPLE http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
SREASON http://securityreason.com/securityalert/462
SECTRACK http://securitytracker.com/id?1015540
SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.425802
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm
GENTOO http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml
MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:034
SUSE http://www.novell.com/linux/security/advisories/2006_08_openssh.html
OPENPKG http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html
FEDORA http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00062.html
REDHAT http://www.redhat.com/support/errata/RHSA-2006-0044.html
REDHAT http://www.redhat.com/support/errata/RHSA-2006-0298.html
REDHAT http://www.redhat.com/support/errata/RHSA-2006-0698.html
BID http://www.securityfocus.com/bid/16369
TRUSTIX http://www.trustix.org/errata/2006/0004
UBUNTU http://www.ubuntu.com/usn/usn-255-1
CERT http://www.us-cert.gov/cas/techalerts/TA07-072A.html
CONFIRM http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
CONFIRM http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
VUPEN http://www.vupen.com/english/advisories/2006/0306
VUPEN http://www.vupen.com/english/advisories/2006/2490
VUPEN http://www.vupen.com/english/advisories/2006/4869
VUPEN http://www.vupen.com/english/advisories/2007/0930
VUPEN http://www.vupen.com/english/advisories/2007/2120
CONFIRM http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688
CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751
CONFIRM https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026
HP http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/24305