Bugs fixes in "openssh"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2018-20685 | In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. | 2019-02-07 |
| CVE | CVE-2019-6111 | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sen | 2019-02-07 |
| CVE | CVE-2019-6109 | An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) | 2019-02-07 |
| CVE | CVE-2018-20685 | In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. | 2019-02-07 |
| CVE | CVE-2019-6111 | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sen | 2019-02-07 |
| CVE | CVE-2019-6109 | An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) | 2019-02-07 |
| CVE | CVE-2018-20685 | In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. | 2019-02-07 |
| CVE | CVE-2019-6111 | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sen | 2019-02-07 |
| CVE | CVE-2019-6109 | An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) | 2019-02-07 |
| CVE | CVE-2018-20685 | In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. | 2019-02-07 |
| CVE | CVE-2016-10708 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NE | 2018-11-06 |
| CVE | CVE-2018-15473 | OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packe | 2018-11-06 |
| Launchpad | 1794629 | CVE-2018-15473 - User enumeration vulnerability | 2018-11-06 |
| CVE | CVE-2016-10708 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NE | 2018-11-06 |
| CVE | CVE-2018-15473 | OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packe | 2018-11-06 |
| Launchpad | 1794629 | CVE-2018-15473 - User enumeration vulnerability | 2018-11-06 |
| CVE | CVE-2016-10708 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NE | 2018-11-06 |
| CVE | CVE-2018-15473 | OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packe | 2018-11-06 |
| Launchpad | 1794629 | CVE-2018-15473 - User enumeration vulnerability | 2018-11-06 |
| CVE | CVE-2016-10708 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NE | 2018-11-06 |
About
-
Send Feedback to @ubuntu_updates
