rssh: Access restriction bypass — GLSA 201311-19

Multiple vulnerabilities have been found in rssh, allowing local attackers to bypass access restrictions.

Affected Packages

app-shells/rssh on all architectures
Affected versions < 2.3.4
Unaffected versions >= 2.3.4

Background

rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users.

Description

Multiple command line parsing and validation vulnerabilities have been discovered in rssh. Please review the CVE identifiers referenced below for details.

Impact

Multiple parsing and validation vulnerabilities can cause the restrictions set up by rssh to be bypassed.

Workaround

There is no known workaround at this time.

Resolution

All rssh users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-shells/rssh-2.3.4"
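
Because no workaround exists, it helps to confirm after the upgrade that the installed version is outside the affected range and to list the accounts that rely on rssh for confinement. The script below is an added example, not part of the advisory; the function names are hypothetical, the passwd entries are constructed, and versions are assumed to be plain dotted numbers with an optional Gentoo `-rN` revision.

```shell
FIXED=2.3.4   # first unaffected version, taken from the advisory

# True (0) if dotted numeric version $1 is lower than $2; a "-rN" revision is ignored.
version_lt() {
    left=${1%-r[0-9]*}
    right=${2%-r[0-9]*}
    while [ -n "$left" ] || [ -n "$right" ]; do
        l=${left%%.*}; r=${right%%.*}
        [ "${l:-0}" -lt "${r:-0}" ] && return 0
        [ "${l:-0}" -gt "${r:-0}" ] && return 1
        case $left in *.*) left=${left#*.} ;; *) left= ;; esac
        case $right in *.*) right=${right#*.} ;; *) right= ;; esac
    done
    return 1   # versions are equal
}

# Print the accounts (passwd format on stdin) whose login shell is rssh.
rssh_accounts() {
    awk -F: '$7 ~ /(^|\/)rssh$/ { print $1 }'
}

# $1: installed version, bare ("2.3.3") or as a package atom ("app-shells/rssh-2.3.3-r1").
# Prints AFFECTED or OK plus the accounts confined by rssh; returns 1 when affected.
check_rssh() {
    ver=${1##*rssh-}
    users=$(rssh_accounts | tr '\n' ' ')
    if [ -z "$ver" ]; then
        echo "rssh not installed"; return 0
    fi
    if version_lt "$ver" "$FIXED"; then
        echo "AFFECTED rssh-$ver (< $FIXED); restricted accounts: ${users:-none}"
        return 1
    fi
    echo "OK rssh-$ver (>= $FIXED); restricted accounts: ${users:-none}"
}

# Constructed sample passwd entries, not taken from any real host.
SAMPLE='root:x:0:0:root:/root:/bin/bash
backup:x:1001:1001::/home/backup:/usr/bin/rssh
deploy:x:1002:1002::/home/deploy:/usr/bin/rssh
alice:x:1003:1003::/home/alice:/bin/zsh'

printf '%s\n' "$SAMPLE" | check_rssh "app-shells/rssh-2.3.3-r1" || true
# On a Gentoo host (qlist is provided by portage-utils):
#   getent passwd | check_rssh "$(qlist -Iv app-shells/rssh)"
```

Accounts listed under an AFFECTED result are the ones whose restrictions cannot be trusted until the upgrade is applied.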
 

References

Release Date
November 28, 2013

Latest Revision
November 28, 2013: 1

Severity
normal

Exploitable
local

Bugzilla entries