CVE-2004-1161
rssh <= 2.2.2 - Authenticated Arbitrary Program Execution via rdist, rsync, or scp
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-1161. PoCs published by Jason Wies.
AI-analyzed exploit summary This exploit leverages a command injection vulnerability in rssh by abusing the -e option in rsync and scp commands to execute arbitrary commands. The PoC demonstrates how an attacker can create files or execute scripts on the target system.
Description
rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.
Exploits (1)
This exploit leverages a command injection vulnerability in rssh by abusing the -e option in rsync and scp commands to execute arbitrary commands. The PoC demonstrates how an attacker can create files or execute scripts on the target system.