PublicDateAtUSN: 2019-02-06
Candidate: CVE-2019-3463
PublicDate: 2019-02-06 19:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3463
 https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/
 https://salsa.debian.org/debian/rssh/commit/3536b6d8e77ece7d66215fe1d08cf633d6b1c97b (regression fix)
 https://ubuntu.com/security/notices/USN-3946-1
Description:
 Insufficient sanitization of arguments passed to rsync can bypass the
 restrictions imposed by rssh, a restricted shell that should restrict users
 to perform only rsync operations, resulting in the execution of arbitrary
 shell commands.
Ubuntu-Description:
Notes:
 sbeattie> when fixing bionic and cosmic, note regression introduced
    in included fix (debian bug #921655)
Bugs:
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921655
Priority: high
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_rssh:
upstream_rssh: released (2.3.4-10)
precise/esm_rssh: DNE
trusty_rssh: released (2.3.4-4+deb8u2build0.14.04.1)
trusty/esm_rssh: released (2.3.4-4+deb8u2build0.14.04.1)
xenial_rssh: released (2.3.4-4+deb8u2build0.16.04.1)
bionic_rssh: released (2.3.4-7ubuntu0.1)
cosmic_rssh: released (2.3.4-8ubuntu0.2)
devel_rssh: DNE