CVE-2018-20685

Priority
Description
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass
intended access restrictions via the filename of . or an empty filename.
The impact is modifying the permissions of the target directory on the
client side.
Assigned-to
mdeslaur
Notes
seth-arnold: openssh-ssh1 is provided for compatibility with old devices that
cannot be upgraded to modern protocols. Thus we may not provide security
support for this package if doing so would prevent access to equipment.
mdeslaur: The recommended workaround for this issue is to switch to using
sftp instead of scp.
Package
Upstream: released (1:7.9p1-5)
Ubuntu 18.04 LTS: released (1:7.6p1-4ubuntu0.2)
Ubuntu 16.04 FIPS Compliant: not-affected (1:7.2p2-4ubuntu2.7)
Ubuntu 20.04 LTS: released (1:7.9p1-5)
Ubuntu 16.04 FIPS Certified: not-affected (1:7.2p2-4ubuntu2.7)
Ubuntu 21.10: released (1:7.9p1-5)
Ubuntu 16.04 ESM: released (1:7.2p2-4ubuntu2.7)
Ubuntu 18.04 FIPS Certified: not-affected (1:7.9p1-5)
Ubuntu 20.04 FIPS Certified: not-affected (1:7.9p1-5)
Ubuntu 18.04 FIPS Compliant: not-affected (1:7.9p1-5)
Ubuntu 22.04 LTS: released (1:7.9p1-5)
Ubuntu 14.04 ESM: released (1:6.6p1-2ubuntu2.12)
Ubuntu 20.04 FIPS Compliant: not-affected (1:7.9p1-5)
Patches:
Upstream: https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
Upstream: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h
Package
Upstream: ignored (frozen on openssh 7.5p)
Ubuntu 18.04 LTS: needs-triage
Ubuntu 20.04 LTS: needs-triage
Ubuntu 21.10: needs-triage
Ubuntu 22.04 LTS: needs-triage
Ubuntu 14.04 ESM: DNE
Patches:
Updated: 2022-04-25 00:26:09 UTC (commit ecc1009cb19540b950de59270950018900f37f15)