Summary
The remote host is missing an update to rssh
announced via advisory DSA 2530-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202530-1
Insight
Henrik Erkkonen discovered that rssh, a restricted shell for SSH, does not properly restrict shell access.
For the stable distribution (squeeze), this problem has been fixed in version 2.3.2-13squeeze1.
For the unstable distribution (sid), this problem has been fixed in version 2.3.3-5.
We recommend that you upgrade your rssh packages.
Severity
Classification
-
CVE CVE-2012-3478 -
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities