rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.
rssh is reported to be prone to a remote arbitrary command execution vulnerability. This issue may allow a remote attacker to execute commands and scripts on a vulnerable computer and eventually to gain elevated privileges on it.
All versions of rssh are considered vulnerable at the moment.
ssh restricteduser@remotehost 'rsync -e "touch /tmp/example --" localhost:/dev/null /tmp'
scp command.sh restricteduser@remotehost:/tmp/command.sh
ssh restricteduser@remotehost 'scp -S /tmp/command.sh localhost:/dev/null /tmp'
rssh contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the scp, rdist, and rsync applications permitting flags that specify remote commands for execution. The issues exist with the scp -S, rdist -P, and rsync -e commands.
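The following is an added example, not part of the original advisory and not rssh's own code: a conservative check that reports command lines using the options named above, for instance when reviewing logged requests. The function name, the sample lines and the handling of rsync's long form --rsh are assumptions that do not come from the page.

```python
import os
import shlex

# Option letter that lets each helper run a caller-chosen program
# (the three cases named in the advisory above).
PROGRAM_OPTION = {"scp": "S", "rdist": "P", "rsync": "e"}


def risky_option(command_line):
    """Return the offending argument, or None if none is found.

    Deliberately conservative: any short-option cluster containing the
    letter is reported, so "-oStrictHostKeyChecking=no" is flagged for scp.
    """
    try:
        argv = shlex.split(command_line)
    except ValueError:
        return command_line  # unbalanced quotes: treat as suspicious
    if not argv:
        return None
    letter = PROGRAM_OPTION.get(os.path.basename(argv[0]))
    if letter is None:
        return None
    for arg in argv[1:]:
        if arg == "--":
            break  # end of options
        if arg.startswith("--"):
            # Assumption beyond the page: rsync's long form of -e is --rsh.
            if letter == "e" and (arg == "--rsh" or arg.startswith("--rsh=")):
                return arg
        elif arg.startswith("-") and letter in arg[1:]:
            return arg
    return None


# Constructed sample requests, not taken from a real log.
SAMPLES = [
    "scp -t /home/user/upload",
    "scp -S /tmp/command.sh localhost:/dev/null /tmp",
    'rsync -e "touch /tmp/example --" localhost:/dev/null /tmp',
    "rsync --server -vlogDtprz . /srv/data",
    "rdist -P /tmp/command.sh -f distfile",
]

if __name__ == "__main__":
    for line in SAMPLES:
        hit = risky_option(line)
        print("REJECT" if hit else "allow ", line)
```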
Upgrade to version 2.2.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.