New Search

Security Vulnerability Relating to scp(1) Command May Allow Attackers to Execute Arbitrary Commands

oval:org.mitre.oval:def:1138

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces which are expanded twice.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 9
  • Sun Solaris 10
Class:
vulnerability
Reference(s):
  • CVE-2006-0225
Product(s):