CVE-2008-1657

Published: 02 April 2008

OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.

Priority

Low

Status

Package Release Status
openssh
Launchpad, Ubuntu, Debian
Upstream
Released (1:4.7p1-8)
Patches:
Vendor: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html