Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should

rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerab

Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended

rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restr

rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted environment variables in the comm

util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and a

rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rssh_chroot_helper

rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass

rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to de

Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code.