CVE-2012-2252

Name of the Vulnerable Software and Affected Versions rssh versions prior to 2.3.4

Description The issue concerns multiple vulnerabilities in the rssh package, which can be exploited locally to compromise the confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited by a local attacker. Specifically, there is an incomplete blacklist vulnerability in rssh when the rsync protocol is enabled, allowing local users to bypass restricted shell access via the --rsh command line option.

Recommendations For versions prior to 2.3.4, update to version 2.3.4 or later to resolve the issue. As a temporary workaround, consider disabling the rsync protocol to minimize the risk of exploitation. Restrict access to the rssh package to minimize the risk of local attackers bypassing intended restricted shell access.