openssh-7.4p1-23.0.3.0.3.el7.AXS7
Errata ID: AXSA:2025-10789:04
Release date:
2025/09/01 Monday - 10:21
Title:
openssh-7.4p1-23.0.3.0.3.el7.AXS7
Affected channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- The scp client in OpenSSH has a flaw in its input data checking that
allows a remote attacker to cause information disclosure.
(CVE-2018-20685)
- The scp client in OpenSSH has a vulnerability that allows a remote
attacker to corrupt data. (CVE-2019-6109)
- The scp client in OpenSSH has a flaw in its checking of the files
being sent that allows a remote attacker to corrupt data.
(CVE-2019-6111)
Solution:
Update the packages.
CVE:
CVE-2018-20685
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2019-6109
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-6111
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
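The three CVE descriptions above all come down to a client trusting object names chosen by the server. The following is an added illustration, not OpenSSH source and not the code shipped in this package: the function names `name_ok` and `display_safe` are hypothetical, and glob matching with `fnmatch` is assumed here as one way to compare a received name against what the user requested.

```c
/* Added illustration; not OpenSSH source. Function names are hypothetical. */
#include <fnmatch.h>
#include <stdio.h>
#include <string.h>

/* Returns 1 if a server-supplied object name may be written, else 0. */
int name_ok(const char *name, const char *requested)
{
    if (name == NULL || *name == '\0')            /* empty name (CVE-2018-20685) */
        return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    if (strchr(name, '/') != NULL)                /* no path components */
        return 0;
    /* CVE-2019-6111: the name must match what the user asked for. */
    return fnmatch(requested, name, 0) == 0;
}

/* Copies name into out with non-printable bytes written as \xNN and returns
 * how many bytes were escaped (CVE-2019-6109: terminal control codes). */
size_t display_safe(const char *name, char *out, size_t outlen)
{
    size_t o = 0, escaped = 0;
    if (outlen == 0)
        return 0;
    for (const unsigned char *p = (const unsigned char *)name; *p; p++) {
        if (*p >= 0x20 && *p < 0x7f) {
            if (o + 1 >= outlen) break;           /* keep room for the NUL */
            out[o++] = (char)*p;
        } else {
            if (o + 4 >= outlen) break;           /* 4 chars plus the NUL */
            o += (size_t)snprintf(out + o, outlen - o, "\\x%02x", *p);
            escaped++;
        }
    }
    out[o] = '\0';
    return escaped;
}

int main(void)
{
    /* Constructed sample names, as a server might send for a "*.txt" request. */
    const char *names[] = { "report.txt", ".", "", "authorized_keys", "a\x1b[2K.txt" };
    char shown[64];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        display_safe(names[i], shown, sizeof shown);
        printf("%-24s %s\n", shown, name_ok(names[i], "*.txt") ? "accept" : "reject");
    }
    return 0;
}
```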
Additional information:
N/A
Download:
Asianux Server 7 for x86_64
- openssh-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
MD5: 8f16fbaf8d8b81889254cd377118c81f
SHA-256: 51a3f2b72c44aa3f456c57ca02f877d2ede8b37cd117389a43e5f4b3d8700a4a
Size: 486.36 kB
- openssh-askpass-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
MD5: 0f4be5814cb4b62db4f63b424de7f136
SHA-256: 115c9c6c6ea89b8338d729b52ff79cf0926593dc370d1e2007477266bb6bf110
Size: 77.93 kB
- openssh-clients-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
MD5: c52a758083cf5661c3d7ded03976f5db
SHA-256: 5e8c36f343252983da59d8114800d795e0433e5b91590acb3ad328269b5de629
Size: 657.61 kB
- openssh-keycat-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
MD5: 60f9c27933fdbd275b0aacf75a26191a
SHA-256: 88bd387956391bca0eb5bc7767843cee268defe7f8265c7d183d09be1ca67aff
Size: 98.28 kB
- openssh-server-7.4p1-23.0.3.0.3.el7.AXS7.x86_64.rpm
MD5: 7c7a090057c8e2849c58249ebe356dec
SHA-256: fcc36e9547cfdebd5df3e18cdf5bd7ff858a6eaac9b42ba21e9b02b00f6172dd
Size: 460.79 kB