PT-2007-1015 · Scponly · Scponly
Published: 2007-12-14 · Updated: 2008-09-05
CVE-2007-6415
CVSS v2.0: 8.5 (High)
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
scponly versions 4.6 and earlier
scponly versions prior to 4.8
Description:
The issue allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp with the -F and -o options. Multiple vulnerabilities in the scponly package can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by a remote attacker who has passed the authentication procedure.
Recommendations:
For scponly versions 4.6 and earlier, update to a version later than 4.6 to resolve the issue.
For scponly versions prior to 4.8, update to version 4.8 or later to fix the vulnerabilities.
As a temporary workaround, consider restricting the use of the scp command with the -F and -o options until a patch is available.
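One way to apply this workaround is a check in front of scp that refuses any invocation using -F or -o. The sketch below is an added example, not code from scponly or from this advisory; the function names and the table of value-taking option letters are assumptions to verify against the installed scp.

```python
import os
import shlex

# Assumption: option letters of the installed scp that consume a value.
# Verify against that scp's usage text before relying on this table.
TAKES_VALUE = set("cFiloPS")
BLOCKED = set("Fo")  # the two options named in the advisory


def blocked_options(argv):
    """Walk argv getopt-style and return the blocked option letters used."""
    found = set()
    i = 1
    while i < len(argv):
        tok = argv[i]
        if tok == "--":          # everything after "--" is an operand
            break
        if tok.startswith("-") and len(tok) > 1:
            for j, ch in enumerate(tok[1:], start=1):
                if ch in BLOCKED:
                    found.add(ch)
                if ch in TAKES_VALUE:
                    # Rest of this token, or the next token, is the value.
                    if j == len(tok) - 1:
                        i += 1
                    break
        # Operands are skipped, not treated as the end of options, because
        # some getopt implementations permute arguments.
        i += 1
    return found


def allow(command_line):
    """Return True only for an scp invocation without -F or -o (fail closed)."""
    try:
        argv = shlex.split(command_line)
    except ValueError:
        return False             # unparseable quoting: refuse
    if not argv or os.path.basename(argv[0]) != "scp":
        return False             # this sketch only vets scp commands
    return not blocked_options(argv)
```

Matching on option position rather than on substrings catches clustered forms such as `-rF` while leaving `-i F`, where `F` is only a value, alone.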
Exploit
Fix
Code Injection
Related identifiers
Affected products
Scponly