Vulnerability Description
Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Scponly | Scponly | 2.0 |
References
- http://secunia.com/advisories/18223PatchVendor Advisory
- http://secunia.com/advisories/18236
- http://sublimation.org/scponly/#relnotes
- http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml
- http://www.securityfocus.com/bid/16051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23875
- http://secunia.com/advisories/18223PatchVendor Advisory
- http://secunia.com/advisories/18236
- http://sublimation.org/scponly/#relnotes
- http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml
- http://www.securityfocus.com/bid/16051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23875
FAQ
What is CVE-2005-4533?
CVE-2005-4533 is a vulnerability with a CVSS score of 7.5 (HIGH). Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argu...
How severe is CVE-2005-4533?
CVE-2005-4533 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4533?
Check the references section above for vendor advisories and patch information. Affected products include: Scponly Scponly.