Red Hat Customer Portal


Public Date:
168167: CVE-2006-0225 local to local copy uses shell expansion twice

The MITRE CVE dictionary describes this issue as:

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

Find out more about CVE-2006-0225 from the MITRE CVE dictionary and NIST NVD.


This issue was addressed in Red Hat Enterprise Linux 2.1, 3 and 4:

Issue was fixed upstream in version 4.3. The openssh packages in Red Hat Enterprise Linux 5 are based on the fixed upstream version and were not affected by this flaw.

Red Hat Security Errata

| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 3 (openssh) | RHSA-2006:0298 | 2006-07-20 |
| Red Hat Enterprise Linux 4 (openssh) | RHSA-2006:0044 | 2006-03-07 |
| Red Hat Enterprise Linux 2.1 (openssh) | RHSA-2006:0698 | 2006-09-29 |

Last Modified