CVE-2004-1161

Name of the Vulnerable Software and Affected Versions rssh versions 2.2.2 and earlier scponly versions prior to 4.0

Description The issue allows remote authenticated users to bypass intended access restrictions. This can be exploited via rdist -P, rsync, or scp -S commands. Multiple vulnerabilities in the scponly package can lead to breaches of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For rssh versions 2.2.2 and earlier, consider updating to a version later than 2.2.2 to resolve the issue. For scponly versions prior to 4.0, update to version 4.0 or later to fix the vulnerabilities. As a temporary workaround, consider restricting access to the rdist -P, rsync, and scp -S commands until a patch is available.