Vulnerability Description
rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rssh_chroot_helper command to chroot to an external directory.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rssh | Rssh | 2.0 |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344424
- http://secunia.com/advisories/18224PatchVendor Advisory
- http://secunia.com/advisories/18237PatchVendor Advisory
- http://securityreason.com/securityalert/308
- http://www.gentoo.org/security/en/glsa/glsa-200512-15.xmlPatchVendor Advisory
- http://www.pizzashack.org/rssh/security.shtml
- http://www.securityfocus.com/bid/16050Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23854
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344424
- http://secunia.com/advisories/18224PatchVendor Advisory
- http://secunia.com/advisories/18237PatchVendor Advisory
- http://securityreason.com/securityalert/308
- http://www.gentoo.org/security/en/glsa/glsa-200512-15.xmlPatchVendor Advisory
- http://www.pizzashack.org/rssh/security.shtml
- http://www.securityfocus.com/bid/16050Patch
FAQ
What is CVE-2005-3345?
CVE-2005-3345 is a vulnerability with a CVSS score of 7.2 (HIGH). rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rssh_chroot_helper command to chroot to an external directory.
How severe is CVE-2005-3345?
CVE-2005-3345 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3345?
Check the references section above for vendor advisories and patch information. Affected products include: Rssh Rssh.