The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of OpenSSH: empty file creation via read-only sftp-server

Synthesis of the vulnerability

An attacker can use OpenSSH's sftp-server to create an empty file, even when read-only mode is selected.
Vulnerable systems: Debian, Fedora, AIX, Junos Space, Junos Space Network Management Platform, OpenSSH, openSUSE Leap, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity of this threat: 2/4.
Creation date: 04/10/2017.
References of this weakness: bulletinjan2019, CVE-2017-15906, DLA-1500-1, DLA-1500-2, FEDORA-2017-4862a3bfb1, FEDORA-2017-78f0991378, FEDORA-2017-96d1995b70, JSA10880, openSUSE-SU-2017:3243-1, RHSA-2018:0980-01, SUSE-SU-2018:2275-1, SUSE-SU-2018:2685-1, SUSE-SU-2018:3540-1, USN-3538-1, VIGILANCE-VUL-24020.

Description of the vulnerability

An attacker can use OpenSSH's sftp-server to create an empty file, even when read-only mode is selected.

This cybersecurity weakness impacts software or systems such as Debian, Fedora, AIX, Junos Space, Junos Space Network Management Platform, OpenSSH, openSUSE Leap, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.

Our Vigil@nce team determined that the severity of this security vulnerability is medium.

The trust level is "confirmed by the editor" (the vendor), and the attack origin is "internet client".

An attacker with expert-level skill can exploit this vulnerability.
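The bulletin describes a read-only sftp-server that still lets a client create an empty file. The added C program below is an illustration of that bug class written for this page; it is not OpenSSH's sftp-server source and does not reproduce its exact checks. It models how a read-only SFTP server screens the flags of an open request: a weak check that only refuses write access lets a "read + create" request through, so the underlying open with a create flag produces a zero-length file, whereas the hardened check refuses every flag that can create, truncate or write. The SSH2_FXF_* names and values are assumed here (they follow the SFTP v3 draft flag values); the sample requests are constructed.

```c
/* Added illustration of the bug class in this bulletin; it is not OpenSSH's
 * sftp-server code. It models how a read-only SFTP server must screen the
 * open flags of an open request. Flag values follow the SFTP v3 draft; the
 * SSH2_FXF_* names are assumed for this example. */
#include <stdbool.h>
#include <stdio.h>

#define SSH2_FXF_READ   0x01
#define SSH2_FXF_WRITE  0x02
#define SSH2_FXF_APPEND 0x04
#define SSH2_FXF_CREAT  0x08
#define SSH2_FXF_TRUNC  0x10
#define SSH2_FXF_EXCL   0x20

/* Flags that modify the filesystem even when no data is ever written:
 * creating a new (empty) file or truncating an existing one. */
#define FXF_MUTATING (SSH2_FXF_WRITE | SSH2_FXF_APPEND | SSH2_FXF_CREAT | SSH2_FXF_TRUNC)

/* Weak check: refuses only requests that ask for write access. A request
 * carrying READ|CREAT passes, and the later open with a create flag leaves
 * an empty file behind. This is the pattern the bulletin describes. */
bool weak_readonly_permits(unsigned int pflags)
{
    return (pflags & (SSH2_FXF_WRITE | SSH2_FXF_APPEND)) == 0;
}

/* Hardened check: in read-only mode, every flag that can create, truncate
 * or write is refused, not just the write-access bits. */
bool strict_readonly_permits(unsigned int pflags)
{
    return (pflags & FXF_MUTATING) == 0;
}

/* Returns 1 when the weak check would let a mutating request through,
 * i.e. when the request is one the hardened check exists to stop. */
int request_slips_through(unsigned int pflags)
{
    return weak_readonly_permits(pflags) && !strict_readonly_permits(pflags);
}

int main(void)
{
    /* Constructed sample requests, as a read-only server would receive them. */
    struct { const char *name; unsigned int pflags; } samples[] = {
        { "READ",            SSH2_FXF_READ },
        { "READ|CREAT",      SSH2_FXF_READ | SSH2_FXF_CREAT },
        { "READ|CREAT|EXCL", SSH2_FXF_READ | SSH2_FXF_CREAT | SSH2_FXF_EXCL },
        { "WRITE|CREAT",     SSH2_FXF_WRITE | SSH2_FXF_CREAT },
        { "READ|TRUNC",      SSH2_FXF_READ | SSH2_FXF_TRUNC },
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("%-16s weak=%-5s strict=%-5s%s\n", samples[i].name,
               weak_readonly_permits(samples[i].pflags) ? "allow" : "deny",
               strict_readonly_permits(samples[i].pflags) ? "allow" : "deny",
               request_slips_through(samples[i].pflags) ? "  <- empty-file creation" : "");
    }
    return 0;
}
```

Running the program lists each constructed request under both checks; only the requests that combine read access with a create or truncate flag differ between the two, which is exactly the gap the fixed OpenSSH 7.6 and the vendor packages listed below close. For a defender, the same table doubles as a review checklist for any other read-only file service: treat "create" and "truncate" as write operations, not as harmless modifiers of a read.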

Solutions for this threat

OpenSSH: version 7.6.
Version 7.6 is fixed:
  http://www.openssh.com/

AIX: patch for OpenSSH.
A patch is available:
  https://www-01.ibm.com/marketing/iwm/iwm/web/reg/download.do?source=aixbp&lang=en_US&S_PKG=openssh&cp=UTF-8

Copssh: version 6.1.0.
Version 6.1.0 is fixed:
  https://www.itefix.net/

Debian 8: new openssh packages.
New packages are available:
  Debian 8: openssh 1:6.7p1-5+deb8u7

Fedora: new openssh packages.
New packages are available:
  Fedora 25: openssh 7.4p1-5.fc25
  Fedora 26: openssh 7.5p1-4.fc26
  Fedora 27: openssh 7.6p1-2.fc27

Junos Space: version 18.2R1.
Version 18.2R1 is fixed.

openSUSE Leap: new openssh packages.
New packages are available:
  openSUSE Leap 42.2: openssh 7.2p2-11.6.1
  openSUSE Leap 42.3: openssh 7.2p2-15.1

Oracle Solaris: third-party software patch of January 2019 v2.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

RHEL 7: new openssh packages.
New packages are available:
  RHEL 7: openssh 7.4p1-16.el7

SUSE LE 11 SP3: new openssh packages.
New packages are available:
  SUSE LE 11 SP3: openssh 6.2p2-0.41.5.1

SUSE LE 11 SP4: new openssh packages.
New packages are available:
  SUSE LE 11 SP4: openssh 6.6p1-36.3.1

SUSE LE 12 RTM/SP1: new openssh packages.
New packages are available:
  SUSE LE 12 RTM: openssh 6.6p1-54.15.2
  SUSE LE 12 SP1: openssh 6.6p1-54.15.2

Ubuntu: new openssh-server packages.
New packages are available:
  Ubuntu 17.10: openssh-server 1:7.5p1-10ubuntu0.1
  Ubuntu 16.04 LTS: openssh-server 1:7.2p2-4ubuntu2.4
  Ubuntu 14.04 LTS: openssh-server 1:6.6p1-2ubuntu2.10

Computer vulnerabilities tracking service

Vigil@nce provides a network vulnerability watch. The Vigil@nce vulnerability database contains several thousand vulnerabilities.