RCP Shell Utility Arbitrary Command Execution Vulnerability

Bugtraq ID: 16369
Class: Input Validation Error
CVE: CVE-2006-5052
CVE-2006-5051
CVE-2006-4924
CVE-2006-0225
Remote: Yes
Local: Yes
Published: Jan 24 2006 12:00AM
Updated: Jul 26 2007 10:15PM
Credit: Ulrich Drepper discovered this issue.
Vulnerable: Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 10.0_x86
Sun Solaris 10.0
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
SGI ProPack 3.0 SP6
S.u.S.E. UnitedLinux 1.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1
OpenPKG OpenPKG 2.5
OpenPKG OpenPKG 2.4
OpenPKG OpenPKG 2.3
OpenBSD OpenSSH 4.2p1
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
IBM Hardware Management Console (HMC) 5.2.1
HP HP-UX B.11.23
HP HP-UX B.11.11
Gentoo net-misc/openssh 4.2
Gentoo net-misc/dropbear 0.47
Conectiva Linux 10.0
Avaya Predictive Dialing System (PDS) 11.0
Avaya Predictive Dialing System (PDS) 11.11
Avaya Predictive Dialer 0
Avaya Interactive Response 1.3
Avaya Interactive Response 1.2.1
Avaya Interactive Response 2.0
Avaya Interactive Response
Avaya Integrated Management 2.1
Avaya Integrated Management
Avaya G700 Media Gateway 3.0
Avaya DefinityOne Media Servers R9
Avaya DefinityOne Media Servers R8
Avaya DefinityOne Media Servers R7
Avaya DefinityOne Media Servers R6
Avaya DefinityOne Media Servers R12
Avaya DefinityOne Media Servers R11
Avaya DefinityOne Media Servers R10
Avaya DefinityOne Media Servers
Avaya CVLAN
Avaya CMS Server 13.0
Avaya CMS Server 12.0
Avaya CMS Server 14.0
Avaya CMS Server 13.1
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X Server 10.3.9
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple Mac OS X 10.3.9
Not Vulnerable: OpenBSD OpenSSH 4.3p1
OpenBSD OpenSSH 4.3
Gentoo net-misc/openssh 4.2_p1-r1
Gentoo net-misc/dropbear 0.47-r1
Apple Mac OS X Server 10.4.9
Apple Mac OS X 10.4.9


 

Privacy Statement
Copyright 2010, SecurityFocus