CVE-2001-0816
OpenSSH < 2.9.9 - Authenticated Command Restriction Bypass via SFTP Commands
Title source: llmDescription
OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.
References (6)
Core 6
Core References
Various Sources vendor-advisory
x_refsource_immunix
http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-034-01
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-154.html
Vendor Advisory vendor-advisory
x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000431
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-09/0153.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7634
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/5536
Scores
EPSS
0.0028
EPSS Percentile
51.1%
Details
Status
published
Products (1)
openbsd/openssh
< 2.9.9
Published
Dec 06, 2001
Tracked Since
Feb 18, 2026