From: Marc Deslauriers
Date: Mar 5, 2019 2:39AM
Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a
user or automated system were tricked into connecting to an untrusted
server, a remote attacker could possibly use these issues to write to
arbitrary files, change directory permissions, and spoof client output.
References:
https://usn.ubuntu.com/usn/usn-3885-2
https://usn.ubuntu.com/usn/usn-3885-1
CVE-2019-6111
沒有留言:
張貼留言