UbuntuUpdates.org

Bugs fixes in "openssh"

Origin Bug number Title Date fixed
CVE CVE-2019-6109 An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) 2019-02-07
CVE CVE-2018-20685 In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. 2019-02-07
CVE CVE-2019-6111 An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sen 2019-02-07
CVE CVE-2019-6109 An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) 2019-02-07
CVE CVE-2018-20685 In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. 2019-02-07
CVE CVE-2019-6111 An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sen 2019-02-07
CVE CVE-2019-6109 An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) 2019-02-07
CVE CVE-2018-20685 In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. 2019-02-07
Launchpad 1801128 OpenSSH 7.7 -w tunnel bug 2018-12-03
Launchpad 1801128 OpenSSH 7.7 -w tunnel bug 2018-12-03
Launchpad 1801128 OpenSSH 7.7 -w tunnel bug 2018-11-20
Launchpad 1801128 OpenSSH 7.7 -w tunnel bug 2018-11-20
CVE CVE-2016-10708 sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NE 2018-11-06
CVE CVE-2018-15473 OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packe 2018-11-06
Launchpad 1794629 CVE-2018-15473 - User enumeration vulnerability 2018-11-06
CVE CVE-2016-10708 sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NE 2018-11-06
CVE CVE-2018-15473 OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packe 2018-11-06
Launchpad 1794629 CVE-2018-15473 - User enumeration vulnerability 2018-11-06
CVE CVE-2016-10708 sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NE 2018-11-06
CVE CVE-2018-15473 OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packe 2018-11-06



About   -   Send Feedback to @ubuntu_updates