An arbitrary command execution flaw was discovered in the way scp copies files locally. The risk is LOW. A local attacker could execute arbitrary commands.
Hi,
We have 4 vulnerabilities in our AIX servers and the files to be installed are as follows:
File to be installed
OpenSSH_6.0.0.6102
OpenSSH_6.0.0.6107
OpenSSH_6.0.0.6110
Openssh_fix8
My question is, can we install the Openss_fix8 directly to resolve all the issues or should we... (2 Replies)
SMRSH(8) System Manager's Manual SMRSH(8)NAME
smrsh - restricted shell for sendmail
SYNOPSIS
smrsh -c command
DESCRIPTION
The smrsh program is intended as a replacement for sh for use in the ``prog'' mailer in sendmail(8) configuration files. It sharply limits
the commands that can be run using the ``|program'' syntax of sendmail in order to improve the over all security of your system. Briefly,
even if a ``bad guy'' can get sendmail to run a program without going through an alias or forward file, smrsh limits the set of programs
that he or she can execute.
Briefly, smrsh limits programs to be in a single directory, by default /usr/lib/sendmail.d/bin/ allowing the system administrator to choose
the set of acceptable commands, and to the shell builtin commands ``exec'', ``exit'', and ``echo''. It also rejects any commands with the
characters ``', `<', `>', `;', `$', `(', `)', `
' (carriage return), or `
' (newline) on the command line to prevent ``end run'' attacks.
It allows ``||'' and ``&&'' to enable commands like: ``"|exec /usr/local/bin/filter || exit 75"''
Initial pathnames on programs are stripped, so forwarding to ``/usr/bin/vacation'', ``/usr/bin/vacation'', ``/home/server/mydir/bin/vaca-
tion'', and ``vacation'' all actually forward to `/usr/lib/sendmail.d/bin/vacation''.
System administrators should be conservative about populating the /usr/lib/sendmail.d/bin/ directory. For example, a reasonable additions
is vacation(1), and the like. No matter how brow-beaten you may be, never include any shell or shell-like program (such as perl(1)) in the
/usr/lib/sendmail.d/bin/ directory. Note that this does not restrict the use of shell or perl scripts in the /usr/lib/sendmail.d/bin/
directory (using the ``#!'' syntax); it simply disallows execution of arbitrary programs. Also, including mail filtering programs such as
procmail(1) is a very bad idea. procmail(1) allows users to run arbitrary programs in their procmailrc(5).
COMPILATION
Compilation should be trivial on most systems. You may need to use -DSMRSH_PATH="path" to adjust the default search path (defaults to
``/bin:/usr/bin'') and/or -DSMRSH_CMDDIR="dir" to change the default program directory (defaults to ``/usr/lib/sendmail.d/bin/'').
FILES
/usr/lib/sendmail.d/bin/ - default directory for restricted programs on SuSE Linux
SEE ALSO sendmail(8)
$Date: 2004/08/06 03:55:35 $ SMRSH(8)