Vulnerability Details : CVE-2006-0225
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
Products affected by CVE-2006-0225
- cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
Threat overview for CVE-2006-0225
Top open port discovered on systems with this issue: 22
IPs affected by CVE-2006-0225: 43,921
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2006-0225
EPSS score: 0.11% (probability of exploitation activity in the next 30 days)
Percentile: ~26% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2006-0225
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6 | MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P | 3.9 | 6.4 | NIST | |
Vendor statements for CVE-2006-0225
- Red Hat 2009-09-09: This issue was addressed in Red Hat Enterprise Linux 2.1, 3 and 4: https://rhn.redhat.com/errata/CVE-2006-0225.html https://www.redhat.com/security/data/cve/CVE-2006-0225.html Issue was fixed upstream in version 4.3. The openssh packages in Red Hat Enterprise Linux 5 are based on the fixed upstream version and were not affected by this flaw.
References for CVE-2006-0225
- http://www.vupen.com/english/advisories/2006/4869
- http://secunia.com/advisories/19159
- http://secunia.com/advisories/22196
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.425802
- http://www.osvdb.org/22692
- http://www.vupen.com/english/advisories/2006/0306
- http://secunia.com/advisories/20723
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1138
- http://secunia.com/advisories/21129
- http://secunia.com/advisories/23340
- http://docs.info.apple.com/article.html?artnum=305214
- http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm (ASA-2006-262 HP-UX Secure Shell Remote Denial of Service (HPSBUX02178))
- http://secunia.com/advisories/18850
- http://securitytracker.com/id?1015540
- http://secunia.com/advisories/18736
- ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch
- http://www.vupen.com/english/advisories/2006/2490
- http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm (ASA-2006-174 (RHSA-2006-0298))
- http://secunia.com/advisories/18969
- http://secunia.com/advisories/24479
- http://www.redhat.com/support/errata/RHSA-2006-0698.html
- http://secunia.com/advisories/21262
- http://www.us-cert.gov/cas/techalerts/TA07-072A.html
- http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability
- http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:034
- http://secunia.com/advisories/21492
- http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
- http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm (ASA-2006-158 (RHSA-2006-0044))
- http://www.securityfocus.com/bid/16369
- ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
- http://www.novell.com/linux/security/advisories/2006_08_openssh.html
- http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688
- http://secunia.com/advisories/18650
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24305 (OpenSSH SCP shell expansion command execution CVE-2006-0225 Vulnerability Report)
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026 (174026 – CVE-2006-0225 local to local copy uses shell expansion twice)
- http://secunia.com/advisories/18964
- http://secunia.com/advisories/18798
- http://www.securityfocus.com/archive/1/425397/100/0/threaded
- http://www.ubuntu.com/usn/usn-255-1 (USN-255-1: openssh vulnerability | Ubuntu security notices | Ubuntu)
- http://secunia.com/advisories/18970
- http://secunia.com/advisories/18595 (Patch; Vendor Advisory)
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1
- http://secunia.com/advisories/18579
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751
- http://www.vupen.com/english/advisories/2007/0930
- http://secunia.com/advisories/25936
- http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml (OpenSSH, Dropbear: Insecure use of system() call (GLSA 200602-11), Gentoo security)
- http://secunia.com/advisories/18910
- http://securityreason.com/securityalert/462 (openssh vulnerability - CXSecurity.com)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9962
- http://www.vupen.com/english/advisories/2007/2120
- http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
- http://secunia.com/advisories/25607
- http://www.redhat.com/support/errata/RHSA-2006-0044.html
- http://www.trustix.org/errata/2006/0004
- http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112
- http://secunia.com/advisories/23680
- http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html
- http://www.redhat.com/support/errata/RHSA-2006-0298.html
- http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm (ASA-2007-246 (SUN 102961))
- http://secunia.com/advisories/21724
- http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00062.html ([SECURITY] Fedora Core 4 Update: openssh-4.2p1-fc4.10)
- http://secunia.com/advisories/23241