Lucene search
PRIOn knowledge basePRION:CVE-2020-12062HistoryJun 01, 2020 - 4:15 p.m.
Design/Logic Flaw
2020-06-0116:15:00
PRIOn knowledge base
www.prio-n.com
976
The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client’s download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that “this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol” and "utimes does not fail under normal circumstances.
Related
openvas
openvas
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-1690)
2020-06-26 00:00:00
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-2112)
2020-09-29 00:00:00
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-1928)
2020-09-04 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.2.2 : openssh (EulerOS-SA-2021-2153)
2021-07-06 00:00:00
EulerOS Virtualization 3.0.6.6 : openssh (EulerOS-SA-2020-2451)
2020-11-06 00:00:00
Photon OS 1.0: Openssh PHSA-2020-1.0-0301
2020-06-18 00:00:00
debiancve
debiancve
CVE-2020-12062
2020-06-01 16:15:14
ubuntucve
ubuntucve
CVE-2020-12062
2020-06-01 00:00:00
cvelist
cvelist
CVE-2020-12062
2020-06-01 15:28:36
cve
cve
CVE-2020-12062
2020-06-01 16:15:14
redhatcve
redhatcve
CVE-2020-12062
2020-07-06 14:51:00
nvd
nvd
CVE-2020-12062
2020-06-01 16:15:14
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0253
2020-06-13 00:00:00
Important Photon OS Security Update - PHSA-2020-0253
2020-06-13 00:00:00
Important Photon OS Security Update - PHSA-2020-0103
2020-06-12 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00