CVE-2006-0225

Publication date 25 January 2006

Last updated 24 July 2024


Ubuntu priority

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
dropbear 7.04 feisty
Fixed 0.48.1-1
6.10 edgy
Fixed 0.48.1-1
6.06 LTS dapper
Fixed 0.48.1-1
openssh 7.04 feisty
Fixed 4.3p2-5ubuntu1
6.10 edgy
Fixed 4.3p2-5ubuntu1
6.06 LTS dapper
Fixed 4.2p1-7ubuntu3.1

References

Related Ubuntu Security Notices (USN)

    • USN-255-1
    • openssh vulnerability
    • 22 February 2006

Other references