|
|
OpenSSH ForceCommand Command Execution Weakness
|
Bugtraq ID:
|
28531
|
|
Class:
|
Design Error
|
|
CVE:
|
|
|
Remote:
|
No
|
|
Local:
|
Yes
|
|
Published:
|
Mar 31 2008 12:00AM
|
|
Updated:
|
Aug 25 2008 09:05PM
|
|
Credit:
|
The vendor disclosed this issue.
|
|
Vulnerable:
|
Turbolinux Turbolinux Server 11 x64
Turbolinux Turbolinux Server 11
Turbolinux Appliance Server 3.0 x64
Turbolinux Appliance Server 3.0
Tevfik Karagulle cwRsync 2.0.10
Tevfik Karagulle cwRsync 2.0.9
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. SuSE Linux Open-Xchange 4.1
S.u.S.E. SUSE Linux Enterprise Server 10 SP1
S.u.S.E. SUSE Linux Enterprise Server 10
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. SUSE Linux Enterprise Desktop 10
S.u.S.E. SUSE Linux Enterprise 10 SP1 DEBUGINFO
S.u.S.E. SUSE Linux Enterprise 10 SP1 DEBUGINFO
S.u.S.E. SLE SDK 10.SP1
S.u.S.E. SLE SDK 10
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 10.2 x86_64
S.u.S.E. Linux Professional 10.2
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 10.2 x86_64
S.u.S.E. Linux Personal 10.2
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 8
S.u.S.E. Linux Enterprise Server 7
S.u.S.E. Linux Enterprise Server 10.SP1
S.u.S.E. Linux Enterprise Server 10
+
Linux kernel 2.6.5
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
rPath rPath Linux 1
rPath Appliance Platform Linux Service 1
OpenBSD Portable OpenSSH 4.7p1
OpenBSD Portable OpenSSH 4.6p1
OpenBSD Portable OpenSSH 4.5p1
OpenBSD Portable OpenSSH 4.4p1
OpenBSD Portable OpenSSH 4.3p2
OpenBSD Portable OpenSSH 4.3p1
OpenBSD Portable OpenSSH 4.2p1
OpenBSD Portable OpenSSH 4.1p1
OpenBSD Portable OpenSSH 4.0p1
OpenBSD OpenSSH 3.8.1 p1
OpenBSD OpenSSH 3.0.2 p1
OpenBSD OpenSSH 3.0.2
OpenBSD OpenSSH 3.0.2
OpenBSD OpenSSH 3.0.1 p1
+
Trustix Secure Linux 1.5
+
Trustix Secure Linux 1.2
+
Trustix Secure Linux 1.1
OpenBSD OpenSSH 3.0.1
+
FreeBSD FreeBSD 4.4
+
FreeBSD FreeBSD 4.3
-
OpenBSD OpenBSD 2.9
-
OpenBSD OpenBSD 2.8
-
OpenBSD OpenBSD 2.7
-
OpenBSD OpenBSD 2.6
OpenBSD OpenSSH 3.0 p1
OpenBSD OpenSSH 3.0
-
OpenBSD OpenBSD 2.9
-
OpenBSD OpenBSD 2.8
-
OpenBSD OpenBSD 2.7
-
OpenBSD OpenBSD 2.6
OpenBSD OpenSSH 2.9 p2
OpenBSD OpenSSH 2.9 p1
-
Caldera OpenLinux 2.4
-
Debian Linux 2.2
-
HP HP-UX 11.11
-
IBM AIX 4.3.3
-
MandrakeSoft Corporate Server 1.0.1
-
MandrakeSoft Linux Mandrake 8.1 ia64
-
MandrakeSoft Linux Mandrake 8.1
-
MandrakeSoft Linux Mandrake 8.0 ppc
-
MandrakeSoft Linux Mandrake 8.0
-
MandrakeSoft Linux Mandrake 7.2
-
MandrakeSoft Linux Mandrake 7.1
-
MandrakeSoft Single Network Firewall 7.2
-
RedHat Linux 7.1
-
RedHat Linux 7.0
-
RedHat Linux 6.2
-
S.u.S.E. Linux 7.1
-
S.u.S.E. Linux 7.0
-
SCO eDesktop 2.4
-
SCO eServer 2.3.1
-
SGI IRIX 6.5.9
-
Sun Solaris 8
-
Sun Solaris 7.0
-
Sun Solaris 2.6
OpenBSD OpenSSH 2.9
+
FreeBSD FreeBSD 4.4
+
OpenBSD OpenBSD 2.9
OpenBSD OpenSSH 2.5.2 p2
+
RedHat Linux 7.0
OpenBSD OpenSSH 2.5.2
OpenBSD OpenSSH 2.3.1 p1
OpenBSD OpenSSH 2.3.1
OpenBSD OpenSSH 2.2 .x
OpenBSD OpenSSH 2.2 .0
OpenBSD OpenSSH 2.1.1 p1
OpenBSD OpenSSH 2.1.1
OpenBSD OpenSSH 2.1 .x
OpenBSD OpenSSH 2.1
OpenBSD OpenSSH 1.2.3
OpenBSD OpenSSH 1.2
OpenBSD OpenSSH 1.0 .x
OpenBSD OpenSSH 4.8
OpenBSD OpenSSH 4.7
OpenBSD OpenSSH 4.6
OpenBSD OpenSSH 4.5
OpenBSD OpenSSH 4.4
OpenBSD OpenSSH 4.3p1
OpenBSD OpenSSH 4.3
OpenBSD OpenSSH 4.2p1
OpenBSD OpenSSH 4.2
OpenBSD OpenSSH 4.1
OpenBSD OpenSSH 4.0
OpenBSD OpenSSH 3.9 p1
OpenBSD OpenBSD 2.9
OpenBSD OpenBSD 2.8
OpenBSD OpenBSD 2.7
OpenBSD OpenBSD 2.6
OpenBSD OpenBSD 2.5
OpenBSD OpenBSD 2.4
OpenBSD OpenBSD 2.3
OpenBSD OpenBSD 2.2
OpenBSD OpenBSD 2.1
OpenBSD OpenBSD 2.0
OpenBSD OpenBSD 4.3
OpenBSD OpenBSD 4.2
OpenBSD OpenBSD 4.1
OpenBSD OpenBSD 4.0
OpenBSD OpenBSD 3.9
OpenBSD OpenBSD 3.8
OpenBSD OpenBSD 3.7
OpenBSD OpenBSD 3.6
OpenBSD OpenBSD 3.5
OpenBSD OpenBSD 3.4
OpenBSD OpenBSD 3.3
OpenBSD OpenBSD 3.2
OpenBSD OpenBSD 3.1
OpenBSD OpenBSD 3.0
NetBSD NetBSD 3.0.2
NetBSD NetBSD 3.0.1
NetBSD NetBSD Current
NetBSD NetBSD 4.0
NetBSD NetBSD 3.1
Navision Financials Server 3.0
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 2008.1
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
IBM AIX 6.1
IBM AIX 5.3
IBM AIX 5.2
Gentoo Linux
Attachmate Reflection for Secure IT 7.0
|
|
|
|
Not Vulnerable:
|
Tevfik Karagulle cwRsync 2.1.2
OpenBSD Portable OpenSSH 4.9p1
OpenBSD OpenSSH 4.9
Attachmate Reflection for Secure IT 7.0 SP1
|
|
|
