CVE-2012-3478

Name of the Vulnerable Software and Affected Versions rssh versions 2.3.3 and earlier

Description The issue allows local users to bypass intended restricted shell access. This can be achieved via crafted environment variables in the command line. Multiple vulnerabilities in the rssh package can lead to violations of confidentiality, integrity, and availability of protected information. Exploitation of these vulnerabilities can be performed locally.

Recommendations For versions 2.3.3 and earlier, update to version 2.3.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of environment variables in the command line until a patch is available.