• info
• discussion
• exploit
• solution
• references

SCPOnly Multiple Local Vulnerabilities

The 'scponly' program is prone to multiple local vulnerabilities. These issues can allow local attackers to gain elevated privileges.

The application is affected by a design error affecting the 'scponlyc' binary.

An attacker can also issue malicious command-line arguments to 'rsync' or scp to execute arbitrary applications with elevated privileges.

Successful exploitation of these issues can facilitate a complete compromise.