openssh
Page content
- Vulnerable: 4.7p1-4kalgan1
- Unaffected: 4.7p1-4kalgan2
A weakness has been reported in OpenSSH, which can be exploited by malicious, local users to bypass certain security restrictions. The weakness is caused due to the improper implementation of the “ForceCommand” directive. This can be exploited to execute arbitrary commands via the ~/.ssh/rc file even if a “ForceCommand” directive is in effect.
- Bug Tracker URL: http://bugs.frugalware.org/task/2961