3 matches found
CVE-2019-6109
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle attacker can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This...
PT-2019-1441
Name of the Vulnerable Software and Affected Versions OpenSSH version 7.9 Description The issue allows a malicious server or Man-in-The-Middle attacker to manipulate the client output, for example, by using ANSI control codes to hide additional files being transferred. This is due to the acceptan...
PT-2019-1442 · Openssh +6 · Openssh +6
Name of the Vulnerable Software and Affected Versions: OpenSSH version 7.9 Description: The issue is related to insufficient access control in the OpenSSH utility, specifically in the refresh progress meter function. This can allow a remote attacker to disclose protected information or execute...