Total vulnerabilities in the database
scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LD_PRELOAD to modify expected function calls in the setuid application.
| Software | From | Fixed in |
|---|---|---|
| scponly / scponly | 3.7 | 3.7.x |
| scponly / scponly | 3.2 | 3.2.x |
| scponly / scponly | 4.0 | 4.0.x |
| scponly / scponly | 4.1 | 4.1.x |
| scponly / scponly | 3.3 | 3.3.x |
| scponly / scponly | 3.11 | 3.11.x |
| scponly / scponly | 3.1 | 3.1.x |
| scponly / scponly | 3.4 | 3.4.x |
| scponly / scponly | 3.6 | 3.6.x |
| scponly / scponly | 3.9 | 3.9.x |
| scponly / scponly | 3.8 | 3.8.x |