exploits , vulnerabilities , articles , OpenSSH ForceCommand Command Execution Weakness

Title	OpenSSH ForceCommand Command Execution Weakness
Published	2008-03-31-12:00AM
Updated	2008-04-01-01:49AM
Class	Design Error
CVE
Remote	No
Local	Yes
Credit	The vendor disclosed this issue.
Vulnerable	OpenBSD Portable OpenSSH 4.7p1 OpenBSD Portable OpenSSH 4.6p1 OpenBSD Portable OpenSSH 4.5p1 OpenBSD Portable OpenSSH 4.4p1 OpenBSD Portable OpenSSH 4.3p2 OpenBSD Portable OpenSSH 4.3p1 OpenBSD Portable OpenSSH 4.2p1 OpenBSD Portable OpenSSH 4.1p1 OpenBSD Portable OpenSSH 4.0p1 OpenBSD OpenSSH 3.8.1 p1 OpenBSD OpenSSH 3.0.2 p1 OpenBSD OpenSSH 3.0.2 OpenBSD OpenSSH 3.0.2 OpenBSD OpenSSH 3.0.1 p1 Trustix Secure Linux 1.5 Trustix Secure Linux 1.2 Trustix Secure Linux 1.1 OpenBSD OpenSSH 3.0.1 FreeBSD FreeBSD 4.4 FreeBSD FreeBSD 4.3 OpenBSD OpenBSD 2.9 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 OpenBSD OpenBSD 2.6 OpenBSD OpenSSH 3.0 p1 OpenBSD OpenSSH 3.0 OpenBSD OpenBSD 2.9 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 OpenBSD OpenBSD 2.6 OpenBSD OpenSSH 2.9 p2 Caldera OpenLinux Server 3.1 Caldera OpenLinux Server 3.1 Caldera OpenLinux Workstation 3.1 Caldera OpenLinux Workstation 3.1 HP Secure OS software for Linux 1.0 HP Secure OS software for Linux 1.0 RedHat Linux 7.2 i386 RedHat Linux 7.2 i386 RedHat Linux 7.1 ia64 RedHat Linux 7.1 ia64 RedHat Linux 7.1 i386 RedHat Linux 7.1 i386 RedHat Linux 7.1 alpha RedHat Linux 7.1 alpha RedHat Linux 7.0 i386 RedHat Linux 7.0 i386 RedHat Linux 7.0 alpha RedHat Linux 7.0 alpha OpenBSD OpenSSH 2.9 p1 Caldera OpenLinux 2.4 Debian Linux 2.2 HP HPUX 11.11 IBM AIX 4.3.3 MandrakeSoft Corporate Server 1.0.1 MandrakeSoft Linux Mandrake 8.1 ia64 MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.0 ppc MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Single Network Firewall 7.2 RedHat Linux 7.1 RedHat Linux 7.0 RedHat Linux 6.2 S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.0 SCO eDesktop 2.4 SCO eServer 2.3.1 SGI IRIX 6.5.9 Sun Solaris 7.0 Sun Solaris 2.6 Sun Solaris 8 OpenBSD OpenSSH 2.9 FreeBSD FreeBSD 4.4 OpenBSD OpenBSD 2.9 OpenBSD OpenSSH 2.5.2 p2 RedHat Linux 7.0 OpenBSD OpenSSH 2.5.2 OpenBSD OpenSSH 2.3.1 p1 OpenBSD OpenSSH 2.3.1 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 OpenBSD OpenBSD 2.6 OpenBSD OpenSSH 2.2 .x Conectiva Linux 6.0 Debian Linux 2.2 sparc Debian Linux 2.2 powerpc Debian Linux 2.2 arm Debian Linux 2.2 alpha Debian Linux 2.2 68k Debian Linux 2.2 FreeBSD FreeBSD 5.0 FreeBSD FreeBSD 4.2 FreeBSD FreeBSD 4.1.1 HP HPUX 11.11 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.0 NetBSD NetBSD 1.4.2 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 RedHat Linux 7.0 S.u.S.E. Linux 7.0 Sun Solaris 8 Trustix Trustix Secure Linux 1.1 Trustix Trustix Secure Linux 1.0 OpenBSD OpenSSH 2.2 .0 OpenBSD OpenSSH 2.1.1 p1 Trustix Secure Linux 1.5 Trustix Secure Linux 1.2 Trustix Secure Linux 1.1 OpenBSD OpenSSH 2.1.1 OpenBSD OpenSSH 2.1 .x OpenBSD OpenSSH 2.1 OpenBSD OpenSSH 1.2.3 Debian Linux 2.2 sparc Debian Linux 2.2 powerpc Debian Linux 2.2 arm Debian Linux 2.2 alpha Debian Linux 2.2 68k Debian Linux 2.2 OpenBSD OpenSSH 1.2 OpenBSD OpenSSH 1.0 .x OpenBSD OpenSSH 4.8 OpenBSD OpenSSH 4.7 OpenBSD OpenSSH 4.6 OpenBSD OpenSSH 4.5 OpenBSD OpenSSH 4.4 OpenBSD OpenSSH 4.3p1 OpenBSD OpenSSH 4.3 OpenBSD OpenSSH 4.2p1 OpenBSD OpenSSH 4.2 OpenBSD OpenSSH 4.1 OpenBSD OpenSSH 4.0 OpenBSD OpenSSH 3.9 p1 OpenBSD OpenBSD 2.9 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 OpenBSD OpenBSD 2.6 OpenBSD OpenBSD 2.5 OpenBSD OpenBSD 2.4 OpenBSD OpenBSD 2.3 OpenBSD OpenBSD 2.2 OpenBSD OpenBSD 2.1 OpenBSD OpenBSD 2.0 OpenBSD OpenBSD 4.3 OpenBSD OpenBSD 4.2 OpenBSD OpenBSD 4.1 OpenBSD OpenBSD 4.0 OpenBSD OpenBSD 3.9 OpenBSD OpenBSD 3.8 OpenBSD OpenBSD 3.7 OpenBSD OpenBSD 3.6 OpenBSD OpenBSD 3.5 OpenBSD OpenBSD 3.4 OpenBSD OpenBSD 3.3 OpenBSD OpenBSD 3.2 OpenBSD OpenBSD 3.1 OpenBSD OpenBSD 3.0
Not Vulnerable	OpenBSD Portable OpenSSH 4.9p1 OpenBSD OpenSSH 4.9
Code	Attackers use readily available utilities to exploit this issue.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-04 Achievo Document Types Section Arbitrary File Upload Vulnerability
2009-12-04 Achievo Scheduler Category HTML Injection Vulnerability
2009-12-04 Yoast Google Analytics for WordPress Plugin 404 Error Page Cross Site Scripting Vulnerability
2009-12-04 DevIL DICOM File Handling Remote Buffer Overflow Vulnerability
2009-12-04 Invision Power Board Local File Include and SQL Injection Vulnerabilities
2009-12-04 Mozilla Firefox Yoono Extension DOM Event Handler Cross Domain Scripting Vulnerability
2009-12-04 UBB.threads Multiple File Include Vulnerabilities
2009-12-04 Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
2009-12-04 Apple Mac OS X Java Applet Certificate Validation Security Bypass Vulnerability
2009-12-04 QEMU Virtio Networking Remote Denial of Service Vulnerability