|
RCP Shell Utility Arbitrary Command Execution Vulnerability
The RCP shell utility is prone to an arbitrary command-execution vulnerability because the application fails to properly sanitize user-supplied input before using it in a 'system()' function call. This issue allows attackers to execute arbitrary shell commands with the privileges of users executing a vulnerable version of RCP. NOTE: OpenSSH SCP is a fork of RCP and is known to also be affected by this issue. |
|
|
Privacy Statement |
