PT-2013-1086 · Rssh · Rssh
James Clawson · Published 2013-01-11 · Updated 2017-08-29 · CVE-2012-2251
CVSS v2.0: 4.4 (Medium)
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
rssh version 2.3.2
Description
The issue allows local users to bypass intended restricted shell access. This can be achieved via the -e or -- command line option. Multiple vulnerabilities in the rssh package may lead to a breach of confidentiality, integrity, and availability of protected information. A local attacker can exploit these vulnerabilities.
Recommendations
For rssh version 2.3.2, consider restricting access to the -e and -- command line options as a temporary workaround until a patch is available. Restrict the use of the rsync protocol to minimize the risk of exploitation.
Fix
RCE
Affected Products
Rssh