CVE-2004-0609

Name of the Vulnerable Software and Affected Versions rssh versions 2.0 through 2.1.x

Description The issue allows remote authenticated users to determine the existence of files in a directory outside the jail by expanding command line arguments before entering a chroot jail.

Recommendations For versions 2.0 through 2.1.x, consider restricting access to sensitive directories until a patch is available. As a temporary workaround, limit the ability of remote authenticated users to execute commands that could exploit this issue.