Home > Vulnerability Database > CVE-2006-0225

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2006-0225

Date: January 25, 2006

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

Severity Score

5.9

Related Resources (67)

Url: http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html

Url: http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00062.html

Url: http://secunia.com/advisories/18969

Url: http://securitytracker.com/id?1015540

Url: http://secunia.com/advisories/18964

Url: http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm

Url: http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1

Url: http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm

Url: http://secunia.com/advisories/18650

Url: http://secunia.com/advisories/18970

Url: http://www.us-cert.gov/cas/techalerts/TA07-072A.html

Url: http://secunia.com/advisories/20723

Url: ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch

Url: http://secunia.com/advisories/25936

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:034

Url: http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm

Url: http://secunia.com/advisories/21492

Url: http://www.ubuntu.com/usn/usn-255-1

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.425802

Url: http://www.vupen.com/english/advisories/2006/2490

Url: http://secunia.com/advisories/18736

Url: http://securityreason.com/securityalert/462

Url: http://secunia.com/advisories/18579

Url: http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688

Url: ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

Url: http://www.novell.com/linux/security/advisories/2006_08_openssh.html

Url: http://secunia.com/advisories/18850

Url: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html

Url: http://secunia.com/advisories/23680

Url: http://www.vupen.com/english/advisories/2006/4869

Url: http://secunia.com/advisories/21262

Url: http://www.vupen.com/english/advisories/2006/0306

Url: http://secunia.com/advisories/23241

Url: http://secunia.com/advisories/22196

Url: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026

Url: http://www.redhat.com/support/errata/RHSA-2006-0298.html

Url: http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm

Url: http://www.redhat.com/support/errata/RHSA-2006-0698.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/24305

Url: http://secunia.com/advisories/19159

Url: http://secunia.com/advisories/18595

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-0225

Url: http://www.osvdb.org/22692

Url: http://www.redhat.com/support/errata/RHSA-2006-0044.html

Url: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112

Url: http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml

Url: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

Url: http://www.securityfocus.com/archive/1/425397/100/0/threaded

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1138

Url: http://www.vupen.com/english/advisories/2007/2120

Url: http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability

Url: http://secunia.com/advisories/18910

Url: http://docs.info.apple.com/article.html?artnum=305214

Url: http://secunia.com/advisories/18798

Url: http://www.vupen.com/english/advisories/2007/0930

Url: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9962

Url: http://secunia.com/advisories/24479

Url: http://secunia.com/advisories/25607

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-0225

Url: http://secunia.com/advisories/21129

Url: http://www.trustix.org/errata/2006/0004

Url: http://secunia.com/advisories/21724

Url: http://www.securityfocus.com/bid/16369

Url: http://secunia.com/advisories/23340

Url: https://www.mend.io/vulnerability-database/CVE-2006-0225

Severity Score

5.9

CVSS v3.1

Base Score:	5.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	4.6
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us