[3.7] openssh: Improper write operations in readonly mode allow for zero-length file creation (CVE-2017-15906)
The process_open function in sftp-server.c in OpenSSH before 7.6 does
not properly prevent write operations
in readonly mode, which allows attackers to create zero-length files.
References:
https://www.openssh.com/txt/release-7.6
https://nvd.nist.gov/vuln/detail/CVE-2017-15906
Patch:
https://github.com/openbsd/src/commit/a6981567e8e215acc1ef690c8dbb30f2d9b00a19
(from redmine: issue id 8281, created on 2017-12-13, closed on 2018-01-02)
- Relations:
- parent #8279 (closed)
- Changesets:
- Revision 43ed1297 by Francesco Colista on 2017-12-15T14:20:11Z:
main/openssh: security fixes for CVE-2017-15906. Fixes #8281
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information