Vulnerability Description
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Scponly | Scponly | <= 4.6 |
Related Weaknesses (CWE)
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148
- http://bugs.gentoo.org/show_bug.cgi?id=201726
- http://osvdb.org/44137
- http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup
- http://secunia.com/advisories/28123Vendor Advisory
- http://secunia.com/advisories/28538Vendor Advisory
- http://secunia.com/advisories/28944Vendor Advisory
- http://secunia.com/advisories/28981Vendor Advisory
- http://security.gentoo.org/glsa/glsa-200802-06.xml
- http://www.debian.org/security/2008/dsa-1473
- http://www.securityfocus.com/bid/26900
- http://www.securitytracker.com/id?1019103
- http://www.vupen.com/english/advisories/2007/4243Vendor Advisory
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00546.h
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00595.h
FAQ
What is CVE-2007-6350?
CVE-2007-6350 is a vulnerability with a CVSS score of 8.5 (HIGH). scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve,...
How severe is CVE-2007-6350?
CVE-2007-6350 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6350?
Check the references section above for vendor advisories and patch information. Affected products include: Scponly Scponly.