Details of VAR-201901-0012

ID

VAR-201901-0012

CVE

CVE-2019-6111

TITLE

OpenSSH Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-001830

DESCRIPTION

An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). OpenSSH Contains an input validation vulnerability.Information may be tampered with. OpenSSH is prone to an arbitrary file-overwrite vulnerability. Successful exploits may allow an attacker to overwrite arbitrary files in the context of the user running the affected application. OpenSSH 7.9 and prior versions are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201903-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSH: Multiple vulnerabilities Date: March 20, 2019 Bugs: #675520, #675522 ID: 201903-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/openssh < 7.9_p1-r4 >= 7.9_p1-r4 Description =========== Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSH users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/openssh-7.9_p1-r4" References ========== [ 1 ] CVE-2018-20685 https://nvd.nist.gov/vuln/detail/CVE-2018-20685 [ 2 ] CVE-2019-6109 https://nvd.nist.gov/vuln/detail/CVE-2019-6109 [ 3 ] CVE-2019-6110 https://nvd.nist.gov/vuln/detail/CVE-2019-6110 [ 4 ] CVE-2019-6111 https://nvd.nist.gov/vuln/detail/CVE-2019-6111 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201903-16 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssh security, bug fix, and enhancement update Advisory ID: RHSA-2019:3702-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3702 Issue date: 2019-11-05 CVE Names: CVE-2018-20685 CVE-2019-6109 CVE-2019-6111 ===================================================================== 1. Summary: An update for openssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. The following packages have been upgraded to a later upstream version: openssh (8.0p1). Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically. 1686065 - SSH connections get closed when time-based rekeyring is used and ClientAliveMaxCount=0 1691045 - Rebase OpenSSH to latest release (8.0p1?) 1707485 - Use high-level API to do signatures 1712436 - MD5 is used when writing password protected PEM 1732424 - ssh-keygen -A fails in FIPS mode because of DSA key 1732449 - rsa-sha2-*-cert-v01@openssh.com host key types are ignored in FIPS despite being in the policy 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: openssh-askpass-8.0p1-3.el8.aarch64.rpm openssh-askpass-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-cavs-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-clients-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-debugsource-8.0p1-3.el8.aarch64.rpm openssh-keycat-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-ldap-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-server-debuginfo-8.0p1-3.el8.aarch64.rpm pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.aarch64.rpm ppc64le: openssh-askpass-8.0p1-3.el8.ppc64le.rpm openssh-askpass-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-cavs-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-clients-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-debugsource-8.0p1-3.el8.ppc64le.rpm openssh-keycat-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-ldap-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-server-debuginfo-8.0p1-3.el8.ppc64le.rpm pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.ppc64le.rpm s390x: openssh-askpass-8.0p1-3.el8.s390x.rpm openssh-askpass-debuginfo-8.0p1-3.el8.s390x.rpm openssh-cavs-debuginfo-8.0p1-3.el8.s390x.rpm openssh-clients-debuginfo-8.0p1-3.el8.s390x.rpm openssh-debuginfo-8.0p1-3.el8.s390x.rpm openssh-debugsource-8.0p1-3.el8.s390x.rpm openssh-keycat-debuginfo-8.0p1-3.el8.s390x.rpm openssh-ldap-debuginfo-8.0p1-3.el8.s390x.rpm openssh-server-debuginfo-8.0p1-3.el8.s390x.rpm pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.s390x.rpm x86_64: openssh-askpass-8.0p1-3.el8.x86_64.rpm openssh-askpass-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-cavs-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-clients-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-debugsource-8.0p1-3.el8.x86_64.rpm openssh-keycat-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-ldap-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-server-debuginfo-8.0p1-3.el8.x86_64.rpm pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: openssh-8.0p1-3.el8.src.rpm aarch64: openssh-8.0p1-3.el8.aarch64.rpm openssh-askpass-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-cavs-8.0p1-3.el8.aarch64.rpm openssh-cavs-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-clients-8.0p1-3.el8.aarch64.rpm openssh-clients-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-debugsource-8.0p1-3.el8.aarch64.rpm openssh-keycat-8.0p1-3.el8.aarch64.rpm openssh-keycat-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-ldap-8.0p1-3.el8.aarch64.rpm openssh-ldap-debuginfo-8.0p1-3.el8.aarch64.rpm openssh-server-8.0p1-3.el8.aarch64.rpm openssh-server-debuginfo-8.0p1-3.el8.aarch64.rpm pam_ssh_agent_auth-0.10.3-7.3.el8.aarch64.rpm pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.aarch64.rpm ppc64le: openssh-8.0p1-3.el8.ppc64le.rpm openssh-askpass-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-cavs-8.0p1-3.el8.ppc64le.rpm openssh-cavs-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-clients-8.0p1-3.el8.ppc64le.rpm openssh-clients-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-debugsource-8.0p1-3.el8.ppc64le.rpm openssh-keycat-8.0p1-3.el8.ppc64le.rpm openssh-keycat-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-ldap-8.0p1-3.el8.ppc64le.rpm openssh-ldap-debuginfo-8.0p1-3.el8.ppc64le.rpm openssh-server-8.0p1-3.el8.ppc64le.rpm openssh-server-debuginfo-8.0p1-3.el8.ppc64le.rpm pam_ssh_agent_auth-0.10.3-7.3.el8.ppc64le.rpm pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.ppc64le.rpm s390x: openssh-8.0p1-3.el8.s390x.rpm openssh-askpass-debuginfo-8.0p1-3.el8.s390x.rpm openssh-cavs-8.0p1-3.el8.s390x.rpm openssh-cavs-debuginfo-8.0p1-3.el8.s390x.rpm openssh-clients-8.0p1-3.el8.s390x.rpm openssh-clients-debuginfo-8.0p1-3.el8.s390x.rpm openssh-debuginfo-8.0p1-3.el8.s390x.rpm openssh-debugsource-8.0p1-3.el8.s390x.rpm openssh-keycat-8.0p1-3.el8.s390x.rpm openssh-keycat-debuginfo-8.0p1-3.el8.s390x.rpm openssh-ldap-8.0p1-3.el8.s390x.rpm openssh-ldap-debuginfo-8.0p1-3.el8.s390x.rpm openssh-server-8.0p1-3.el8.s390x.rpm openssh-server-debuginfo-8.0p1-3.el8.s390x.rpm pam_ssh_agent_auth-0.10.3-7.3.el8.s390x.rpm pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.s390x.rpm x86_64: openssh-8.0p1-3.el8.x86_64.rpm openssh-askpass-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-cavs-8.0p1-3.el8.x86_64.rpm openssh-cavs-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-clients-8.0p1-3.el8.x86_64.rpm openssh-clients-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-debugsource-8.0p1-3.el8.x86_64.rpm openssh-keycat-8.0p1-3.el8.x86_64.rpm openssh-keycat-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-ldap-8.0p1-3.el8.x86_64.rpm openssh-ldap-debuginfo-8.0p1-3.el8.x86_64.rpm openssh-server-8.0p1-3.el8.x86_64.rpm openssh-server-debuginfo-8.0p1-3.el8.x86_64.rpm pam_ssh_agent_auth-0.10.3-7.3.el8.x86_64.rpm pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-20685 https://access.redhat.com/security/cve/CVE-2019-6109 https://access.redhat.com/security/cve/CVE-2019-6111 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXcHzKNzjgjWX9erEAQiytQ/6Apphov2V0QmnXA+KO3ZZKBPXtgKv8Sv1 dPtXhTC+Keq4yX9/bXlIuyk6BUsMeaiIMlL5bSSKtq2I7rVxwubTcPX4rD+pQvx8 ArNJgn7U2/3xqwc0R8dNXx6o8vB1M6jXDtu8fKJOxW48evDJf6gE4gX2KUM9yxR2 MhCoHVkLp9a5f0T11yFPI11H0P8gXXQgboAkdt82Ui35T4tD8RndVyPCsllN2c/X QCCbvZ9e8OLJJoxsOryLcw8tpQHXK2AJMXWv0Us99kQtbaBULWWahhrg/tftLxtT pILFBaB/RsmGg1O6OkxJ2CuKl6ATC2Wlj/Z7uYPrS7MQDn+fXkH2gfcjb4Z4rqIL IyKbUpsyFEAaV5rJUeRaS7dGfuQldQbS96P8lUpCcOXPbYD8FgTrW2q3NjOKgYMU +gh2xPwmlRm+iYfmedPoR2+bTWNYv8JS+Cp/fZF4IFx2EJPQcxKLYshNKgcfkNkR rIZ4brUI79p84H01TcTh4mFAbR63Y+c36UAI3/fM/W/RkZn/PdoJtpfwg/tjOYZH rt9kL7SfAEhjHNtBuJGNol6e124srS6300hnfFovAr6llDOcYlrh3ZgVZjVrn6E8 TZhyZ84TGMOqykfH7B9XkJH82X+x3rd2m0ovCPq+Ly62BasdXVd0C2snzbx8OAM8 I+am8dhVlyM= =iPw4 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description ----------- Many scp clients fail to verify if the objects returned by the scp server match those it asked for. This issue dates back to 1983 and rcp, on which scp is based. A separate flaw in the client allows the target directory attributes to be changed arbitrarily. Finally, two vulnerabilities in clients may allow server to spoof the client output. Details ------- The discovered vulnerabilities, described in more detail below, enables the attack described here in brief. 1. The transfer of extra files is hidden by sending ANSI control sequences via stderr. For example: user@local:~$ scp user@remote:readme.txt . readme.txt 100% 494 1.6KB/s 00:00 user@local:~$ 2. Once the victim launches a new shell, the malicious commands in .bash_aliases get executed. *) Man-in-the-Middle attack does require the victim to accept the wrong host fingerprint. Vulnerabilities --------------- 1. 2. The same vulnerability in WinSCP is known as CVE-2018-20684. 3. CWE-451: scp client spoofing via object name [CVE-2019-6109] Due to missing character encoding in the progress display, the object name can be used to manipulate the client output, for example to employ ANSI codes to hide additional files being transferred. 4. Proof-of-Concept ---------------- Proof of concept malicious scp server will be released at a later date. Vulnerable versions ------------------- The following software packages have some or all vulnerabilities: ver #1 #2 #3 #4 OpenSSH scp <=7.9 x x x x PuTTY PSCP ? - - x x WinSCP scp mode <=5.13 - x - - Tectia SSH scpg3 is not affected since it exclusively uses sftp protocol. Mitigation ---------- 1. OpenSSH 1.1 Switch to sftp if possible 1.2 Alternatively apply the following patch to harden scp against most server-side manipulation attempts: https://sintonen.fi/advisories/scp-name-validator.patch NOTE: This patch may cause problems if the the remote and local shells don't agree on the way glob() pattern matching works. YMMV. 2. PuTTY 2.1 No fix is available yet 3. WinSCP 3.1. Upgrade to WinSCP 5.14 or later Similar or prior work --------------------- 1. https://www.jeffgeerling.com/blog/brief-history-ssh-and-remote-access Credits ------- The vulnerability was discovered by Harry Sintonen / F-Secure Corporation. Timeline -------- 2018.08.08 initial discovery of vulnerabilities #1 and #2 2018.08.09 reported vulnerabilities #1 and #2 to OpenSSH 2018.08.10 OpenSSH acknowledged the vulnerabilities 2018.08.14 discovered & reported vulnerability #3 to OpenSSH 2018.08.15 discovered & reported vulnerability #4 to OpenSSH 2018.08.30 reported PSCP vulnerabilities (#3 and #4) to PuTTY developers 2018.08.31 reported WinSCP vulnerability (#2) to WinSCP developers 2018.09.04 WinSCP developers reported the vulnerability #2 fixed 2018.11.12 requested a status update from OpenSSH 2018.11.16 OpenSSH fixed vulnerability #1 2019.01.07 requested a status update from OpenSSH 2019.01.08 requested CVE assignments from MITRE 2019.01.10 received CVE assignments from MITRE 2019.01.11 public disclosure of the advisory 2019.01.14 added a warning about the potential issues caused by the patch . ========================================================================== Ubuntu Security Notice USN-3885-2 March 04, 2019 openssh vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: One of the fixes in USN-3885-1 was incomplete. Software Description: - openssh: secure shell (SSH) for secure access to remote machines Details: USN-3885-1 fixed vulnerabilities in OpenSSH. It was discovered that the fix for CVE-2019-6111 turned out to be incomplete. This update fixes the problem. Original advisory details: Harry Sintonen discovered multiple issues in the OpenSSH scp utility. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: openssh-client 1:7.7p1-4ubuntu0.3 Ubuntu 18.04 LTS: openssh-client 1:7.6p1-4ubuntu0.3 Ubuntu 16.04 LTS: openssh-client 1:7.2p2-4ubuntu2.8 Ubuntu 14.04 LTS: openssh-client 1:6.6p1-2ubuntu2.13 In general, a standard system update will make all the necessary changes. All the vulnerabilities are in found in the scp client implementing the SCP protocol. The check added in this version can lead to regression if the client and the server have differences in wildcard expansion rules. If the server is trusted for that purpose, the check can be disabled with a new -T option to the scp client. For the stable distribution (stretch), these problems have been fixed in version 1:7.4p1-10+deb9u5. For the detailed security status of openssh please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssh Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlxe0w0ACgkQ3rYcyPpX RFs85AgA0GrSHO4Qf5FVsE3oXa+nMkZ4U6pbOA9dHotX54DEyNuIJrOsOv01cFxQ t2Z6uDkZptmHZT4uSWg2xIgMvpkGo9906ziZfHc0LTuHl8j++7cCDIDGZBm/iZaX ueQfl85gHDpte41JvUtpSBAwk1Bic7ltLUPDIGEiq6nQboxHIzsU7ULVb1l0wNxF sEFDPWGBS01HTa+QWgQaG/wbEhMRDcVz1Ck7dqpT2soQRohDWxU01j14q1EKe9O9 GHiWECvFSHBkkI/v8lNfSWnOWYa/+Aknri0CpjPc/bqh2Yx9rgp/Q5+FJ/FxJjmC bHFd+tbxB1LxEO96zKguYpPIzw7Kcw== =5Fd8 -----END PGP SIGNATURE-----

Trust: 2.52

sources: NVD: CVE-2019-6111 // JVNDB: JVNDB-2019-001830 // BID: 106741 // VULMON: CVE-2019-6111 // PACKETSTORM: 151948 // PACKETSTORM: 152154 // PACKETSTORM: 155158 // PACKETSTORM: 151175 // PACKETSTORM: 151954 // PACKETSTORM: 151601

AFFECTED PRODUCTS

vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	fujitsu	model:	m10-4s	scope:	lt	version:	xcp3070	Trust: 1.0
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	8.6	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.10	Trust: 1.0
vendor:	siemens	model:	scalance x204rna	scope:	lt	version:	3.2.7	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	30	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	8.4	Trust: 1.0
vendor:	fujitsu	model:	m10-4	scope:	lt	version:	xcp3070	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	fujitsu	model:	m12-2	scope:	lt	version:	xcp3070	Trust: 1.0
vendor:	fujitsu	model:	m12-2s	scope:	lt	version:	xcp3070	Trust: 1.0
vendor:	fujitsu	model:	m12-1	scope:	lt	version:	xcp2361	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	8.2	Trust: 1.0
vendor:	winscp	model:	winscp	scope:	lte	version:	5.1.3	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	eq	version:	12.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	8.4	Trust: 1.0
vendor:	fujitsu	model:	m10-1	scope:	lt	version:	xcp2361	Trust: 1.0
vendor:	apache	model:	mina sshd	scope:	eq	version:	2.2.0	Trust: 1.0
vendor:	siemens	model:	scalance x204rna eec	scope:	lt	version:	3.2.7	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	8.4	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	8.2	Trust: 1.0
vendor:	fujitsu	model:	m10-4s	scope:	lt	version:	xcp2361	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	8.6	Trust: 1.0
vendor:	openbsd	model:	openssh	scope:	lte	version:	7.9	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	lt	version:	12.0	Trust: 1.0
vendor:	fujitsu	model:	m12-1	scope:	lt	version:	xcp3070	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	8.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	fujitsu	model:	m10-4	scope:	lt	version:	xcp2361	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	8.1	Trust: 1.0
vendor:	fujitsu	model:	m12-2	scope:	lt	version:	xcp2361	Trust: 1.0
vendor:	fujitsu	model:	m12-2s	scope:	lt	version:	xcp2361	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	8.6	Trust: 1.0
vendor:	fujitsu	model:	m10-1	scope:	lt	version:	xcp3070	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	canonical	model:	ubuntu	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	openbsd	model:	openssh	scope:	eq	version:	7.9	Trust: 0.8
vendor:	winscp	model:	winscp	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	-	version:	-	Trust: 0.8
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	7	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.0	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.7.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.7	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.6.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.5	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.4	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.3	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.0.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	3.0	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.9.9	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.9	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.5.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.5.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.5	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.3	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.1.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	2.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	7.9	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	7.7	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	7.6	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	7.4	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	7.3	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	7.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	7.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	7.0	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.9	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.8	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.7	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.6	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.5	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.4	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.3	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	6.0	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.8	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.7	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.6	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.5	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.4	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.3	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.2	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.1	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	5.0	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.9	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.8	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.7	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.6	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.5	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.4	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	4.3.0	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	1.127	Trust: 0.3
vendor:	openssh	model:	openssh	scope:	eq	version:	1.126	Trust: 0.3
vendor:	f5	model:	traffix sdc	scope:	eq	version:	5.1	Trust: 0.3
vendor:	f5	model:	traffix sdc	scope:	eq	version:	5.0	Trust: 0.3
vendor:	f5	model:	traffix sdc	scope:	eq	version:	4.4	Trust: 0.3

sources: BID: 106741 // JVNDB: JVNDB-2019-001830 // NVD: CVE-2019-6111

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-6111
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-6111
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201901-767
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2019-6111
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-6111
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2019-6111
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2019-6111
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2019-6111 // JVNDB: JVNDB-2019-001830 // CNNVD: CNNVD-201901-767 // NVD: CVE-2019-6111

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.0
problemtype:	CWE-20	Trust: 0.8

sources: JVNDB: JVNDB-2019-001830 // NVD: CVE-2019-6111

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 152154 // PACKETSTORM: 151954 // CNNVD: CNNVD-201901-767

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201901-767

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-001830

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2019-6111

PATCH

title:	[SECURITY] [DLA 1728-1] openssh security update	url:	https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html	Trust: 0.8
title:	DSA-4387	url:	https://www.debian.org/security/2019/dsa-4387	Trust: 0.8
title:	CVS log for src/usr.bin/ssh/scp.c	url:	https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c	Trust: 0.8
title:	Bug 1677794	url:	https://bugzilla.redhat.com/show_bug.cgi?id=1677794	Trust: 0.8
title:	USN-3885-1	url:	https://usn.ubuntu.com/3885-1/	Trust: 0.8
title:	USN-3885-2	url:	https://usn.ubuntu.com/3885-2/	Trust: 0.8
title:	Recent Version History	url:	https://winscp.net/eng/docs/history	Trust: 0.8
title:	OpenSSH Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=88866	Trust: 0.6
title:	The Register	url:	https://www.theregister.co.uk/2019/01/15/scp_vulnerability/	Trust: 0.2
title:	Red Hat: Moderate: openssh security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193702 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: openssh vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3885-2	Trust: 0.1
title:	Ubuntu Security Notice: openssh vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3885-1	Trust: 0.1
title:	Debian CVElist Bug Report Logs: openssh-client: scp can send arbitrary control characters / escape sequences to the terminal (CVE-2019-6109)	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=dffe92fd93b8f745f5f15bc2f29dc935	Trust: 0.1
title:	Debian CVElist Bug Report Logs: CVE-2019-6111 not fixed, file transfer of unwanted files by malicious SSH server still possible	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=74b791ca4fdf54c27d2b50ef6845ef8e	Trust: 0.1
title:	Debian CVElist Bug Report Logs: netkit-rsh: CVE-2019-7282 CVE-2019-7283	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=a043554ad34dcb6b0dc285dc8ea3ce0d	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2019-6111	Trust: 0.1
title:	Debian CVElist Bug Report Logs: openssh: CVE-2018-20685: scp.c in the scp client allows remote SSH servers to bypass intended access restrictions	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=8394bb17731a99ef76b185cbc70acfa3	Trust: 0.1
title:	Arch Linux Advisories: [ASA-201904-11] openssh: multiple issues	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201904-11	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2019-1313	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1313	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2019-1216	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1216	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vulnerabilities in OpenSSH affect AIX (CVE-2018-20685 CVE-2018-6109 CVE-2018-6110 CVE-2018-6111) Security Bulletin	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=50a54c2fb43b489f64442dcf4f25bc3b	Trust: 0.1
title:	IBM: Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (February 2020v1)	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=979e60202a29c3c55731e37f8ddc5a3b	Trust: 0.1
title:	IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Releases 1801-w and 1801-y	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=bf3f2299a8658b7cd3984c40e7060666	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2019-6111	Trust: 0.1
title:	-	url:	https://github.com/AntonVanAssche/CSV-NPE2223	Trust: 0.1
title:	-	url:	https://github.com/TommasoBilotta/public	Trust: 0.1
title:	-	url:	https://github.com/h4xrOx/Direct-Admin-Vulnerability-Disclosure	Trust: 0.1
title:	-	url:	https://github.com/numaan911098/leadgenapp-bug-report	Trust: 0.1
title:	DC-4-Vulnhub-Walkthrough	url:	https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough	Trust: 0.1
title:	nmap	url:	https://github.com/devairdarolt/nmap	Trust: 0.1
title:	-	url:	https://github.com/Iknowmyname/Nmap-Scans-M2	Trust: 0.1
title:	cveScannerV2	url:	https://github.com/retr0-13/cveScannerV2	Trust: 0.1
title:	TrivyWeb	url:	https://github.com/KorayAgaya/TrivyWeb	Trust: 0.1
title:	iot-cves	url:	https://github.com/InesMartins31/iot-cves	Trust: 0.1
title:	-	url:	https://github.com/scmanjarrez/testrepository	Trust: 0.1
title:	github_aquasecurity_trivy	url:	https://github.com/back8/github_aquasecurity_trivy	Trust: 0.1
title:	Funbox2-rookie	url:	https://github.com/vaishali1998/Funbox2-rookie	Trust: 0.1
title:	trivy	url:	https://github.com/simiyo/trivy	Trust: 0.1
title:	security	url:	https://github.com/umahari/security	Trust: 0.1
title:	-	url:	https://github.com/Mohzeela/external-secret	Trust: 0.1
title:	Vulnerability-Scanner-for-Containers	url:	https://github.com/t31m0/Vulnerability-Scanner-for-Containers	Trust: 0.1
title:	trivy	url:	https://github.com/aquasecurity/trivy	Trust: 0.1
title:	trivy	url:	https://github.com/knqyf263/trivy	Trust: 0.1
title:	trivy	url:	https://github.com/siddharthraopotukuchi/trivy	Trust: 0.1
title:	Basic-Pentesting-2-Vulnhub-Walkthrough	url:	https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough	Trust: 0.1
title:	-	url:	https://github.com/bioly230/THM_Skynet	Trust: 0.1
title:	Basic-Pentesting-2	url:	https://github.com/vshaliii/Basic-Pentesting-2	Trust: 0.1
title:	PoC	url:	https://github.com/Jonathan-Elias/PoC	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/developer3000S/PoC-in-GitHub	Trust: 0.1
title:	CVE-POC	url:	https://github.com/0xT11/CVE-POC	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/hectorgie/PoC-in-GitHub	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/nomi-sec/PoC-in-GitHub	Trust: 0.1

sources: VULMON: CVE-2019-6111 // JVNDB: JVNDB-2019-001830 // CNNVD: CNNVD-201901-767

EXTERNAL IDS

db:	NVD	id:	CVE-2019-6111	Trust: 3.4
db:	BID	id:	106741	Trust: 2.0
db:	EXPLOIT-DB	id:	46193	Trust: 1.7
db:	OPENWALL	id:	OSS-SECURITY/2022/08/02/1	Trust: 1.7
db:	OPENWALL	id:	OSS-SECURITY/2019/04/18/1	Trust: 1.7
db:	SIEMENS	id:	SSA-412672	Trust: 1.7
db:	JVNDB	id:	JVNDB-2019-001830	Trust: 0.8
db:	PACKETSTORM	id:	152154	Trust: 0.7
db:	PACKETSTORM	id:	151954	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1255	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1280.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1411.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1280	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1411.3	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.0410.3	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1411	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.0605	Trust: 0.6
db:	EXPLOIT-DB	id:	46516	Trust: 0.6
db:	CNNVD	id:	CNNVD-201901-767	Trust: 0.6
db:	ICS CERT	id:	ICSA-22-349-21	Trust: 0.1
db:	VULMON	id:	CVE-2019-6111	Trust: 0.1
db:	PACKETSTORM	id:	151948	Trust: 0.1
db:	PACKETSTORM	id:	155158	Trust: 0.1
db:	PACKETSTORM	id:	151175	Trust: 0.1
db:	PACKETSTORM	id:	151601	Trust: 0.1

sources: VULMON: CVE-2019-6111 // BID: 106741 // JVNDB: JVNDB-2019-001830 // PACKETSTORM: 151948 // PACKETSTORM: 152154 // PACKETSTORM: 155158 // PACKETSTORM: 151175 // PACKETSTORM: 151954 // PACKETSTORM: 151601 // CNNVD: CNNVD-201901-767 // NVD: CVE-2019-6111

REFERENCES

url:	http://www.securityfocus.com/bid/106741	Trust: 2.9
url:	https://access.redhat.com/errata/rhsa-2019:3702	Trust: 2.5
url:	https://www.debian.org/security/2019/dsa-4387	Trust: 2.3
url:	https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt	Trust: 2.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6111	Trust: 2.0
url:	https://usn.ubuntu.com/3885-2/	Trust: 1.8
url:	https://security.gentoo.org/glsa/201903-16	Trust: 1.8
url:	https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c	Trust: 1.7
url:	https://www.exploit-db.com/exploits/46193/	Trust: 1.7
url:	https://usn.ubuntu.com/3885-1/	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20190213-0001/	Trust: 1.7
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1677794	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html	Trust: 1.7
url:	http://www.openwall.com/lists/oss-security/2019/04/18/1	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html	Trust: 1.7
url:	https://www.freebsd.org/security/advisories/freebsd-en-19:10.scp.asc	Trust: 1.7
url:	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html	Trust: 1.7
url:	http://www.openwall.com/lists/oss-security/2022/08/02/1	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf	Trust: 1.7
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/w3yvq2bptovdcfdvnc2ggf5p5isfg37g/	Trust: 1.1
url:	https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3cdev.mina.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3cdev.mina.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3cdev.mina.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3cdev.mina.apache.org%3e	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6111	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/w3yvq2bptovdcfdvnc2ggf5p5isfg37g/	Trust: 0.6
url:	https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a@%3cdev.mina.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b@%3cdev.mina.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f@%3cdev.mina.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23@%3cdev.mina.apache.org%3e	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20190496-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-201914016-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1411/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/75338	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1280.2/	Trust: 0.6
url:	https://www.exploit-db.com/exploits/46516	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/76170	Trust: 0.6
url:	https://packetstormsecurity.com/files/152154/gentoo-linux-security-advisory-201903-16.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/151954/ubuntu-security-notice-usn-3885-2.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1411.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1280/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1411.3	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/78934	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-6111	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6109	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20685	Trust: 0.4
url:	http://www.openssh.org/	Trust: 0.3
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1666127	Trust: 0.3
url:	https://support.f5.com/csp/article/k21350967	Trust: 0.3
url:	https://www.debian.org/security/	Trust: 0.2
url:	https://www.debian.org/security/faq	Trust: 0.2
url:	https://security-tracker.debian.org/tracker/openssh	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6110	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/22.html	Trust: 0.1
url:	https://tools.cisco.com/security/center/viewalert.x?alertid=59544	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/46193	Trust: 0.1
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.1
url:	https://bugzilla.redhat.com/):	Trust: 0.1
url:	https://access.redhat.com/security/team/key/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-6109	Trust: 0.1
url:	https://access.redhat.com/articles/11258	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-20685	Trust: 0.1
url:	https://access.redhat.com/security/team/contact/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20684	Trust: 0.1
url:	https://sintonen.fi/advisories/scp-name-validator.patch	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2000-0992	Trust: 0.1
url:	https://www.jeffgeerling.com/blog/brief-history-ssh-and-remote-access	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssh/1:6.6p1-2ubuntu2.13	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssh/1:7.7p1-4ubuntu0.3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssh/1:7.2p2-4ubuntu2.8	Trust: 0.1
url:	https://usn.ubuntu.com/usn/usn-3885-1	Trust: 0.1
url:	https://usn.ubuntu.com/usn/usn-3885-2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openssh/1:7.6p1-4ubuntu0.3	Trust: 0.1

CREDITS

Ubuntu,Harry Sintonen,Gentoo

Trust: 0.6

sources: CNNVD: CNNVD-201901-767

SOURCES

db:	VULMON	id:	CVE-2019-6111
db:	BID	id:	106741
db:	JVNDB	id:	JVNDB-2019-001830
db:	PACKETSTORM	id:	151948
db:	PACKETSTORM	id:	152154
db:	PACKETSTORM	id:	155158
db:	PACKETSTORM	id:	151175
db:	PACKETSTORM	id:	151954
db:	PACKETSTORM	id:	151601
db:	CNNVD	id:	CNNVD-201901-767
db:	NVD	id:	CVE-2019-6111

LAST UPDATE DATE

2024-08-14T12:06:11.750000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2019-6111	date:	2023-11-07T00:00:00
db:	BID	id:	106741	date:	2019-01-18T00:00:00
db:	JVNDB	id:	JVNDB-2019-001830	date:	2019-03-27T00:00:00
db:	CNNVD	id:	CNNVD-201901-767	date:	2022-12-14T00:00:00
db:	NVD	id:	CVE-2019-6111	date:	2023-11-07T03:13:05.610

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2019-6111	date:	2019-01-31T00:00:00
db:	BID	id:	106741	date:	2019-01-18T00:00:00
db:	JVNDB	id:	JVNDB-2019-001830	date:	2019-03-27T00:00:00
db:	PACKETSTORM	id:	151948	date:	2019-03-04T21:54:21
db:	PACKETSTORM	id:	152154	date:	2019-03-20T16:09:02
db:	PACKETSTORM	id:	155158	date:	2019-11-06T15:55:27
db:	PACKETSTORM	id:	151175	date:	2019-01-16T15:04:39
db:	PACKETSTORM	id:	151954	date:	2019-03-04T21:58:39
db:	PACKETSTORM	id:	151601	date:	2019-02-11T16:13:15
db:	CNNVD	id:	CNNVD-201901-767	date:	2019-01-21T00:00:00
db:	NVD	id:	CVE-2019-6111	date:	2019-01-31T18:29:00.867