PublicDate: 2007-12-14 20:46:00 UTC
Candidate: CVE-2007-6350
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350
Description:
 scponly 4.6 and earlier allows remote authenticated users to bypass
 intended restrictions and execute code by invoking dangerous subcommands
 including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally
 demonstrated by creating a Subversion (SVN) repository with malicious
 hooks, then using svn to trigger execution of those hooks.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/scponly/+bug/185035
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 
Patches_scponly:
 vendor: http://www.debian.org/security/2008/dsa-1473
upstream_scponly: released (4.6-1.1)
dapper_scponly: released (4.6-1etch1build0.6.06.1)
edgy_scponly: needed (reached end-of-life)
feisty_scponly: needed (reached end-of-life)
gutsy_scponly: released (4.6-1.1)
hardy_scponly: released (4.6-1.1)
intrepid_scponly: released (4.6-1.1)
jaunty_scponly: released (4.6-1.1)
devel_scponly: released (4.6-1.1)