Arbitrary Program Execution Vulnerability in rssh 2.2.2 and Earlier

Arbitrary Program Execution Vulnerability in rssh 2.2.2 and Earlier

CVE-2004-1161 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.

Learn more about our User Device Pen Test.