From: Marc Deslauriers
Date: Feb 8, 2019 Friday 3:01AM
Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a
user or automated system were tricked into connecting to an untrusted
server, a remote attacker could possibly use these issues to write to
arbitrary files, change directory permissions, and spoof client output.
References:
https://usn.ubuntu.com/usn/usn-3885-1
CVE-2018-20685, CVE-2019-6109, CVE-2019-6111
沒有留言:
張貼留言