CVE Database


Impact: Low
Public: 2005-09-28
Bugzilla: 168167: CVE-2006-0225 local to local copy uses shell expansion twice
IAVA: 2012-A-0136


The MITRE CVE dictionary describes this issue as:

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

Find out more about CVE-2006-0225 from the MITRE CVE dictionary and NIST NVD.


This issue was addressed in Red Hat Enterprise Linux 2.1, 3 and 4:
Issue was fixed upstream in version 4.3. The openssh packages in Red Hat Enterprise Linux 5 are based on the fixed upstream version and were not affected by this flaw.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (openssh) RHSA-2006:0698 September 29, 2006
Red Hat Enterprise Linux version 3 (openssh) RHSA-2006:0298 July 20, 2006
Red Hat Enterprise Linux version 4 (openssh) RHSA-2006:0044 March 07, 2006

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.