Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200512-17] scponly: Multiple privilege escalation issues Vulnerability Scan
Vulnerability Scan Summary
scponly: Multiple privilege escalation issues
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200512-17
(scponly: Multiple privilege escalation issues)
Max Vozeler discovered that the scponlyc command allows users to
chroot into arbitrary directories. Furthermore, Pekka Pessi reported
that scponly insufficiently validates command-line parameters to a scp
or rsync command.

A local attacker could gain root rights by chrooting into
arbitrary directories containing hardlinks to setuid programs. A remote
scponly user could also send malicious parameters to a scp or rsync
command that would allow them to escape the shell restrictions and execute

There is no known workaround at this time.

All scponly users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/scponly-4.2"

Threat Level: High