PT-2019-1442 · OpenSSH +6

Harry Sintonen · Published 2018-11-06 · Updated 2025-11-04 · CVE-2019-6109

CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions

OpenSSH version 7.9

Description

The issue is related to insufficient access control in the OpenSSH utility, specifically in the refresh_progress_meter() function. This can allow a remote attacker to disclose protected information or execute arbitrary code. Additionally, a malicious server or man-in-the-middle attacker can manipulate client output by using crafted object names, potentially hiding additional files being transferred. This is due to missing character encoding in the progress display. The vulnerability also affects the scp client, allowing remote SSH servers to bypass intended access restrictions via a filename of "." or an empty filename, which can modify the permissions of the target directory on the client side.

Recommendations

For OpenSSH version 7.9, consider disabling the refresh_progress_meter() function until a patch is available. Restrict access to the scp client to minimize the risk of exploitation. Avoid using the scp client with untrusted SSH servers until the issue is resolved. As a temporary workaround, consider validating and sanitizing filenames received from remote SSH servers to prevent manipulation of client output.
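
The filename validation and output encoding recommended above, as an added example (this is not OpenSSH's code or its patch). The helper names escape_for_display() and remote_name_ok() are hypothetical, the sample names are constructed, and rejecting ".." and "/" goes beyond the "." and empty-name cases in the description.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy `name` into `out`, replacing every byte that is
 * not printable ASCII (and the backslash itself) with a \xNN escape, so the
 * terminal never interprets bytes chosen by the remote side. Conservative:
 * UTF-8 bytes are escaped too. Returns the escaped length, or -1 if `out`
 * is too small. */
int escape_for_display(const char *name, char *out, size_t outsz)
{
    size_t o = 0;
    if (outsz == 0) return -1;
    for (const unsigned char *p = (const unsigned char *)name; *p; p++) {
        int plain = (*p >= 0x20 && *p < 0x7f && *p != '\\');
        size_t need = plain ? 1 : 4;
        if (o + need >= outsz)          /* always keep room for the NUL */
            return -1;
        if (plain)
            out[o++] = (char)*p;
        else
            o += (size_t)snprintf(out + o, outsz - o, "\\x%02x", *p);
    }
    out[o] = '\0';
    return (int)o;
}

/* Hypothetical helper: accept only a plain file name from the remote side.
 * Rejects the empty name and "." (the cases in the description), plus ".."
 * and any name containing '/'. Returns 1 if the name is acceptable. */
int remote_name_ok(const char *name)
{
    if (name[0] == '\0' || strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    return strchr(name, '/') == NULL;
}

int main(void)
{
    /* Constructed sample names, not taken from a real transfer. */
    const char *samples[] = { "notes.txt", "a\rb\x1b" "c", ".", "" };
    char shown[256];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (escape_for_display(samples[i], shown, sizeof shown) < 0)
            continue;
        printf("%-7s \"%s\"\n",
               remote_name_ok(samples[i]) ? "accept" : "reject", shown);
    }
    return 0;
}
```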

Exploit

Fix

Weakness Enumeration

Improper Encoding or Escaping of Output
Improper Access Control

Related Identifiers

ALT-PU-2018-2598
ALT-PU-2022-1557
ALT-PU-2022-1569
ALT-PU-2024-12010
ALT-PU-2024-12012
ALT-PU-2024-3921
ALT-PU-2024-4077
ALT-PU-2024-4467
ALT-PU-2024-9513
BDU:2019-00832
BDU:2019-03791
CESA-2019_3702
CVE-2019-6109
DLA-1728-1
DSA-4387-1
MGASA-2019-0156
OPENSUSE-SU-2019:0091-1
OPENSUSE-SU-2019:0307-1
OPENSUSE-SU-2019_0091-1
OPENSUSE-SU-2019_0093-1
OPENSUSE-SU-2019_0307-1
OPENSUSE-SU-2019_1602-1
OPENSUSE-SU-2024:11124-1
PAN-SA-2020-0002
RHSA-2019:3702
RHSA-2019_3702
ROSA-SA-2025-2551
SUSE-SU-2019:0125-1
SUSE-SU-2019:0125-2
SUSE-SU-2019:0126-1
SUSE-SU-2019:0132-1
SUSE-SU-2019:0496-1
SUSE-SU-2019:0941-1
SUSE-SU-2019:13931-1
SUSE-SU-2019:14016-1
SUSE-SU-2019:14030-1
SUSE-SU-2019:1524-1
SUSE-SU-2019_0496-1
SUSE-SU-2019_0941-1
SUSE-SU-2019_14030-1
SUSE-SU-2019_1524-1
USN-3885-1

Affected Products

ALT Linux
CentOS
IBM AIX
OpenSSH
Red Hat
SUSE
Ubuntu