Debian: CVE-2019-1000018: rssh -- security update Vulnerability
- Severity: 5
- Published: February 14, 2019
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the allowscp permission.