RCP Shell Utility Arbitrary Command Execution Vulnerability

info
discussion
exploit
solution
references

RCP Shell Utility Arbitrary Command Execution Vulnerability

References:

ASA-2006-158 - openssh security update (RHSA-2006-0044) (Avaya)
ASA-2006-174 - openssh security update (RHSA-2006-0298) (Avaya)
ASA-2006-262 - HP-UX Secure Shell Remote Denial of Service (HPSBUX02178) (Avaya)
Bugzilla Bug 1094 - Local to local copy (and also remote to remote) uses shell e (OpenBSD)
Bugzilla Bug 168167 â?? CVE-2006-0225 local to local copy uses shell expansion twi (RedHat)
Cisco TelePresence Video Communication Server (VCS) Homepage (Cisco)
Corrective Service Security FIX - MH00688 (PTF) (IBM)
Cumulative history and Readme for use with HMC V5 R2 and V5 R2.1 (IBM)
HPSBUX02178 SSRT061267 rev.1 - HP-UX Secure Shell Remote Denial of Service (DoS) (HP)
OpenBSD Errata Page (OpenBSD)
OpenSSH Home Page (OpenBSD)
RHSA-2006:0044-14 - openssh security update (Red Hat)
RHSA-2006:0298-4 - openssh security update (Red Hat)
RHSA-2006:0698-8 openssh security update (RedHat)
Sun Alert ID 102961 - Security Vulnerability in scp(1) May Allow Execution of Un (Sun)
ASA-2007-246 Security Vulnerability in scp(1) May Allow Execution of Unintended (Avaya)
ASA-2007-319 Security Vulnerability in the rcp(1) Command May Allow Execution of (Avaya)
Sun Alert ID 102978 - Security Vulnerability in the rcp(1) Command May Allow Exe (Sun)

Privacy Statement
Copyright 2010, SecurityFocus