Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenSSH <= 4.2p1 Security Vulnerability
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
When performing local-to-local copying functions, scp expands shell characters in the filename twice before making a system() call. A filename that contains specially crafted characters may cause arbitrary commands to be executed. If scp is used to transfer untrusted files or directories, a local user may be able to cause arbitrary code to be executed with the privileges of the process running scp.
Insight
Insight
Please see the references for more information on the vulnerabilities.
Affected Software
Affected Software
OpenSSH version 4.2p1 and prior.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 4.3 or later.