18 matches found
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2020-12062)
The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...
SUSE CVE-2020-12062
The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2021-2153)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : openssh (EulerOS-SA-2021-2153)
According to the version of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - DISPUTED The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-2451)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-2376)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-2112)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : openssh (EulerOS-SA-2020-2112)
According to the version of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-1978)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : openssh (EulerOS-SA-2020-1978)
According to the version of the openssh packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - DISPUTED The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-1928)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : openssh (EulerOS-SA-2020-1928)
According to the version of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious...
EulerOS 2.0 SP8 : openssh (EulerOS-SA-2020-1818)
According to the version of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-1690)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 2.0: Openssh PHSA-2020-2.0-0253
An update of the openssh package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0253. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 1.0: Openssh PHSA-2020-1.0-0301
An update of the openssh package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0301. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2020-12062
The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...
CVE-2020-12062
CVE-2020-12062 affects the OpenSSH scp client (OpenSSH 8.2). The issue arises when a utimes system call fails, causing the scp client to send duplicate responses to the server. A malicious unprivileged user on the remote server can leverage this to overwrite arbitrary files in the client’s downlo...