CVE-2006-0225

EPSS 0.09%

Published: 1/25/2006Modified: 4/28/2026

Description

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

Affected packages (2)

Debian/dropbearfrom 0, < 0.48-1
Debian/opensshfrom 0, < 1:4.3p2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-0225