The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

References

bugzilla.redhat.com/show_bug.cgi?id=1506630

nessus 26

openvas 18

ibm 11

prion 1

amazon 2

aix 1

checkpoint_advisories 1

fedora 3

f5 1

nvd 1

oraclelinux 1

gentoo 1

redhat 1

osv 2

centos 1

ubuntucve 1

alpinelinux 1

mageia 2

slackware 1

symantec 1

debiancve 1

cvelist 1

cve 1

cloudfoundry 1

ubuntu 1

debian 1

photon 2

ics 1

oracle 1

nessus

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : openssh (SSA:2018-067-01)

2018-03-09 00:00:00

GLSA-201801-05 : OpenSSH: Permission issue

2018-01-08 00:00:00

Fedora 26 : openssh (2017-4862a3bfb1)

2017-11-29 00:00:00

openvas

Fedora Update for openssh FEDORA-2017-4862a3bfb1

2017-12-04 00:00:00

OpenSSH 'sftp-server' Security Bypass Vulnerability - Windows

2017-10-27 00:00:00

Fedora Update for openssh FEDORA-2017-78f0991378

2017-12-14 00:00:00

ibm

Security Bulletin: Vulnerability CVE-2017-15906 in OpenSSH affects IBM i

2019-12-18 14:26:38

Security Bulletin: IBM QRadar Network Security is affected by an OpenSSH vulnerability

2018-07-25 14:29:31

Security Bulletin: OpenSSH vulnerability affects IBM Spectrum Protect Plus (CVE-2017-15906)

2018-09-24 08:15:01

prion

Code injection

2017-10-26 03:29:00

amazon

Low: openssh

2018-05-10 17:51:00

Low: openssh

2018-06-20 19:56:00

aix

Vulnerabilities in OpenSSH affect AIX.

2017-11-14 09:46:19

checkpoint_advisories

OpenSSH sftp-server.c Denial of Service (CVE-2017-15906)

2019-02-18 00:00:00

fedora

[SECURITY] Fedora 25 Update: openssh-7.4p1-5.fc25

2017-12-12 14:40:46

[SECURITY] Fedora 26 Update: openssh-7.5p1-4.fc26

2017-11-28 16:31:03

[SECURITY] Fedora 27 Update: openssh-7.6p1-2.fc27

2017-12-10 05:10:47

K89621551 : OpenSSH vulnerability CVE-2017-15906

2017-11-18 00:00:00

nvd

CVE-2017-15906

2017-10-26 03:29:00

oraclelinux

openssh security, bug fix, and enhancement update

2018-04-16 00:00:00

gentoo

OpenSSH: Permission issue

2018-01-07 00:00:00

redhat

(RHSA-2018:0980) Low: openssh security, bug fix, and enhancement update

2018-04-10 05:04:58

osv

CVE-2017-15906

2017-10-26 03:29:00

openssh - security update

2018-09-10 00:00:00

centos

openssh, pam_ssh_agent_auth security update

2018-04-26 17:48:27

ubuntucve

CVE-2017-15906

2017-10-25 00:00:00

alpinelinux

CVE-2017-15906

2017-10-26 03:29:00

mageia

Updated openssh packages fix security vulnerability

2017-12-31 18:14:43

Updated openssh packages fix security vulnerability

2018-01-01 13:38:51

slackware

[slackware-security] openssh

2018-03-08 09:04:05

symantec

SA163: OpenSSH Vulnerability October 2017

2018-01-30 08:00:00

debiancve

CVE-2017-15906

2017-10-26 03:29:00

cvelist

CVE-2017-15906

2017-10-26 00:00:00

cve

CVE-2017-15906

2017-10-26 03:29:00

cloudfoundry

USN-3538-1: OpenSSH vulnerabilities | Cloud Foundry

2018-02-01 00:00:00

ubuntu

OpenSSH vulnerabilities

2018-01-22 00:00:00

debian

[SECURITY] [DLA 1500-1] openssh security update

2018-09-10 08:44:17

photon

Critical Photon OS Security Update - PHSA-2017-0005

2017-12-07 00:00:00

Critical Photon OS Security Update - PHSA-2017-0091

2017-12-08 00:00:00

ics

Siemens SCALANCE X-200RNA Switch Devices

2022-12-19 12:00:00

oracle

Oracle Critical Patch Update Advisory - January 2020

2020-01-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.007 Low

EPSS

Percentile

79.7%

JSON

Related for RH:CVE-2017-15906