2
Candidate: CVE-2007-6350
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350
6
scponly 4.6 and earlier allows remote authenticated users to bypass
7
intended restrictions and execute code by invoking dangerous subcommands
8
including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally
9
demonstrated by creating a Subversion (SVN) repository with malicious
10
hooks, then using svn to trigger execution of those hooks.
14
https://bugs.launchpad.net/ubuntu/+source/scponly/+bug/185035
18
vendor: http://www.debian.org/security/2008/dsa-1473
19
upstream_scponly: released (4.6-1.1)
20
dapper_scponly: released (4.6-1etch1build0.6.06.1)
21
edgy_scponly: needed (reached end-of-life)
22
feisty_scponly: needed (reached end-of-life)
23
gutsy_scponly: released (4.6-1.1)
24
hardy_scponly: released (4.6-1.1)
25
intrepid_scponly: released (4.6-1.1)
26
jaunty_scponly: released (4.6-1.1)
27
devel_scponly: released (4.6-1.1)