CVE-2018-20685

Published: Jan 10, 2019

Modified: Dec 17, 2025

PUBLISHED

Description

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

DSA-4387

vendor-advisory

USN-3885-1

vendor-advisory

https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2

https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h

https://security.netapp.com/advisory/ntap-20190215-0001/

106531

vdb-entry

https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt

GLSA-201903-16

vendor-advisory

[debian-lts-announce] 20190325 [SECURITY] [DLA 1728-1] openssh security update

mailing-list

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

RHSA-2019:3702

vendor-advisory

GLSA-202007-53

vendor-advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20685

Description

Affected Products

References