openssh-7.4p1-23.0.3.0.3.el7.AXS7

Errata ID: AXSA:2025-10789:04

Release date: 
Monday, September 1, 2025 - 10:21
Subject: 
openssh-7.4p1-23.0.3.0.3.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

Security Fix(es):

* CVE-2018-20685: fix a vulnerability in the scp client where a malicious server
could bypass intended access restrictions via a filename of "." or an empty
filename and modify the permissions of the client's target directory
* CVE-2019-6109: fix the scp client so that object names are encoded before being
shown in the progress display; a malicious server could otherwise use ANSI
control codes in filenames to manipulate the client's output and hide additional
files being transferred
* CVE-2019-6111: fix an scp client vulnerability that allowed a malicious server
to overwrite arbitrary files in the client's target directory and, when
transferring recursively (-r), in its subdirectories as well

CVE(s):
CVE-2019-6109
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2018-20685
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2019-6111
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

Asianux Server 7 for x86_64
  1. openssh-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
    MD5: 8f16fbaf8d8b81889254cd377118c81f
    SHA-256: 51a3f2b72c44aa3f456c57ca02f877d2ede8b37cd117389a43e5f4b3d8700a4a
    Size: 486.36 kB
  2. openssh-askpass-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
    MD5: 0f4be5814cb4b62db4f63b424de7f136
    SHA-256: 115c9c6c6ea89b8338d729b52ff79cf0926593dc370d1e2007477266bb6bf110
    Size: 77.93 kB
  3. openssh-clients-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
    MD5: c52a758083cf5661c3d7ded03976f5db
    SHA-256: 5e8c36f343252983da59d8114800d795e0433e5b91590acb3ad328269b5de629
    Size: 657.61 kB
  4. openssh-keycat-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
    MD5: 60f9c27933fdbd275b0aacf75a26191a
    SHA-256: 88bd387956391bca0eb5bc7767843cee268defe7f8265c7d183d09be1ca67aff
    Size: 98.28 kB
  5. openssh-server-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
    MD5: 7c7a090057c8e2849c58249ebe356dec
    SHA-256: fcc36e9547cfdebd5df3e18cdf5bd7ff858a6eaac9b42ba21e9b02b00f6172dd
    Size: 460.79 kB
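The following script is an added example, not part of the Asianux advisory or the OpenSSH project. It checks the downloaded RPMs against the SHA-256 values listed above (the filenames and digests are copied from the Download section; the assumption is that the files sit in the directory passed as the first argument) and, after the update, compares the installed openssh version-release with the one this erratum ships. Hosts without rpm skip the second check.

```shell
#!/bin/sh
# Added example: verify the downloaded erratum RPMs and the installed release.
# Not part of the advisory. Assumes the RPMs are in the directory given as $1.

FIXED_VER="7.4p1-23.0.3.0.3.el7.AXS7"

# Print the SHA-256 hex digest of a file, using whichever tool is available.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        openssl dgst -sha256 "$1" | awk '{print $NF}'
    fi
}

# verify_sha256 FILE EXPECTED_HEX -> status 0 on match, 1 otherwise.
verify_sha256() {
    actual=$(sha256_of "$1") || return 1
    [ "$actual" = "$2" ]
}

# Compare every RPM in the current directory with the digests published
# in the Download section above. Missing or mismatching files fail the run.
verify_downloads() {
    rc=0
    while read -r file expected; do
        [ -n "$file" ] || continue
        if [ ! -f "$file" ]; then
            echo "MISSING  $file"; rc=1; continue
        fi
        if verify_sha256 "$file" "$expected"; then
            echo "OK       $file"
        else
            echo "MISMATCH $file"; rc=1
        fi
    done <<EOF
openssh-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm 51a3f2b72c44aa3f456c57ca02f877d2ede8b37cd117389a43e5f4b3d8700a4a
openssh-askpass-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm 115c9c6c6ea89b8338d729b52ff79cf0926593dc370d1e2007477266bb6bf110
openssh-clients-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm 5e8c36f343252983da59d8114800d795e0433e5b91590acb3ad328269b5de629
openssh-keycat-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm 88bd387956391bca0eb5bc7767843cee268defe7f8265c7d183d09be1ca67aff
openssh-server-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm fcc36e9547cfdebd5df3e18cdf5bd7ff858a6eaac9b42ba21e9b02b00f6172dd
EOF
    return $rc
}

# After "yum update openssh*", report the installed version-release of the
# main packages and flag any that differ from the release of this erratum.
check_installed() {
    if ! command -v rpm >/dev/null 2>&1; then
        echo "rpm not available; skipping installed-version check"
        return 0
    fi
    rc=0
    for pkg in openssh openssh-clients openssh-server; do
        inst=$(rpm -q --queryformat '%{VERSION}-%{RELEASE}' "$pkg" 2>/dev/null) \
            || { echo "NOT INSTALLED $pkg"; continue; }
        if [ "$inst" = "$FIXED_VER" ]; then
            echo "FIXED    $pkg-$inst"
        else
            echo "CHECK    $pkg-$inst (erratum release is $FIXED_VER)"
            rc=1
        fi
    done
    return $rc
}

main() {
    status=0
    ( cd "${1:-.}" && verify_downloads ) || status=1
    check_installed || status=1
    return $status
}

# Run only when a directory argument is supplied, e.g.: sh verify.sh ./rpms
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Run it as `sh verify.sh /path/to/downloaded/rpms`; a non-zero exit means at least one digest did not match, a file was missing, or an installed openssh package is not at the erratum's release. The MD5 values on the page are not checked: SHA-256 is sufficient and MD5 adds no integrity assurance beyond it.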