Описание
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.8.0~20170825.94fa1e38-1ubuntu0.5 |
| devel | released | 0.9.0-1ubuntu5 |
| disco | released | 0.8.6-3ubuntu0.3 |
| eoan | released | 0.9.0-1ubuntu1.3 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 0.8.0~20170825.94fa1e38-1ubuntu0.5 |
| esm-infra/xenial | released | 0.6.3-4.3ubuntu0.5 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
EPSS
9.3 Critical
CVSS2
8.8 High
CVSS3
Связанные уязвимости
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.
A flaw was found with the libssh API function ssh_scp_new() in version ...
EPSS
9.3 Critical
CVSS2
8.8 High
CVSS3