CVE-2019-3464

Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.

Date published : 2019-02-06

http://www.securityfocus.com/bid/106839

https://www.debian.org/security/2019/dsa-4382