CVE-2006-0225 — Openssh vulnerability

13 documents8 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 74.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh

Timeline

PublishedJan 25

Latest updateMay 3

Description

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶Debianopenbsd/openssh< 1:4.3p2-1+3

▶NVDopenbsd/openssh33 versions+32

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-fjc8-474c-2xx3: scp in OpenSSH 4↗2022-05-03

▶

CVEList

CVE-2006-0225: scp in OpenSSH 4↗2006-01-25

▶

OSV

CVE-2006-0225: scp in OpenSSH 4↗2006-01-25

▶

📋Vendor Advisories

Red Hat

kernel: use flag in do_coredump()↗2009-11-12

▶

Ubuntu

openssh vulnerability↗2006-02-22

▶

Debian

CVE-2006-0225: dropbear - scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filename...↗2006

▶

Red Hat

local to local copy uses shell expansion twice↗2005-09-28

▶

💬Community

Bugzilla

CVE-2006-4924 openssh DoS (also CVE-2006-5051) (also for RHL7.3: CVE-2006-0225, CVE-2003-0386)↗2006-09-30

▶

Bugzilla

CVE-2006-0225 local to local copy uses shell expansion twice↗2006-02-01

▶

Bugzilla

CVE-2006-0225 local to local copy uses shell expansion twice↗2005-11-23

▶

Bugzilla

CVE-2006-0225 local to local copy uses shell expansion twice↗2005-10-11

▶

Bugzilla

CAN-2005-2798, CAN-2004-2069, CVE-2006-0225 OpenSSH vulnerabilities↗2005-09-21

▶