ALAS-2019-1313 --- openssh pam_ssh_agent_authID: oval:org.secpod.oval:def:1601072 | Date: (C)2019-11-05 (M)2023-11-10 |
Class: PATCH | Family: unix |
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter in progressmeter.c. An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned . A malicious scp server can overwrite arbitrary files in the scp client target directory. If recursive operation is performed, the server can manipulate subdirectories as well . In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side
Platform: |
Amazon Linux AMI |
Product: |
openssh |
pam_ssh_agent_auth |