CVE-2019-6109
openssh: Missing character encoding in progress display allows for spoofing of scp client output
Severity Score
Exploit Likelihood
Affected Versions
37Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
Se ha descubierto un problema en OpenSSH 7.9. Debido a la falta de cifrado de caracteres en la pantalla de progreso, un servidor malicioso (o atacante Man-in-the-Middle) puede emplear nombres de objeto manipulados para manipular la salida del cliente, por ejemplo, empleando códigos de control de ANSI para ocultar los archivos adicionales que se están transfiriendo. Esto afecta a refresh_progress_meter() en progressmeter.c.
Many scp clients fail to verify if the objects returned by the scp server match those it asked for. This issue dates back to 1983 and rcp, on which scp is based. A separate flaw in the client allows the target directory attributes to be changed arbitrarily. Finally, two vulnerabilities in clients may allow server to spoof the client output.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-10 CVE Reserved
- 2019-01-16 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-116: Improper Encoding or Escaping of Output
- CWE-451: User Interface (UI) Misrepresentation of Critical Information
CAPEC
References (15)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2019/0... | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20190213-... | Third Party Advisory |
|
| https://sintonen.fi/advisories/scp-client-multiple-... | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf | 2023-11-07 | |
| https://www.oracle.com/technetwork/security-advisory/cpuoct20... | 2023-11-07 |