• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

RCP Shell Utility Arbitrary Command Execution Vulnerability

References:

• Apple Homepage (Apple)
  
• ASA-2006-158 - openssh security update (RHSA-2006-0044) (Avaya)
  
• ASA-2006-174 - openssh security update (RHSA-2006-0298) (Avaya)
  
• ASA-2006-262 - HP-UX Secure Shell Remote Denial of Service (HPSBUX02178) (Avaya)
  
• Bugzilla Bug 1094 - Local to local copy (and also remote to remote) uses shell e (OpenBSD)
  
• Bugzilla Bug 168167 â?? CVE-2006-0225 local to local copy uses shell expansion twi (RedHat)
  
• Corrective Service Security FIX - MH00688 (PTF) (IBM)
  
• Cumulative history and Readme for use with HMC V5 R2 and V5 R2.1 (IBM)
  
• HPSBUX02178 SSRT061267 rev.1 - HP-UX Secure Shell Remote Denial of Service (DoS) (HP)
  
• OpenBSD Errata Page (OpenBSD)
  
• OpenSSH Home Page (OpenBSD)
  
• RHSA-2006:0044-14 - openssh security update (Red Hat)
  
• RHSA-2006:0298-4 - openssh security update (Red Hat)
  
• RHSA-2006:0698-8 openssh security update (RedHat)
  
• Sun Alert ID 102961 - Security Vulnerability in scp(1) May Allow Execution of Un (Sun)
  
• ASA-2007-246 Security Vulnerability in scp(1) May Allow Execution of Unintended (Avaya)
  
• ASA-2007-319 Security Vulnerability in the rcp(1) Command May Allow Execution of (Avaya)
  
• Sun Alert ID 102978 - Security Vulnerability in the rcp(1) Command May Allow Exe (Sun)