Bugzilla – Bug 1065000
VUL-1: CVE-2017-15906: openssh,openssh-askpass-gnome: r/o sftp-server zero byte file creation
Last modified: 2024-07-03 08:04:37 UTC
+++ This bug was initially created as a clone of Bug #1064285 +++

https://www.openssh.com/txt/release-7.6

Security
--------

 * sftp-server(8): in read-only mode, sftp-server was incorrectly permitting
   creation of zero-length files. Reported by Michal Zalewski.
Created attachment 745777
foo.patch

patch extracted from 7.5p1 -> 7.6p1 diff
I have requested a CVE via webform.
CVE-2017-15906 was assigned by mitre.
https://xorl.wordpress.com/2017/11/13/openssh-sftp-server-remote-security-vulnerability/amp/
https://github.com/openbsd/src/commit/a6981567e8e215acc1ef690c8dbb30f2d9b00a19
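To make the release-note entry concrete, the following is an added example (not code from this bug, from SUSE, or copied from the OpenSSH tree) that models the read-only gate in sftp-server's SSH2_FXP_OPEN handling before and after the upstream commit linked above. The pflags values and the pflags-to-open(2) mapping follow the SFTP draft that sftp-server implements; the two predicates are my reconstruction of the pre-7.6 and fixed conditions, and the function names (`readonly_refuses_old`, `readonly_refuses_new`, `sftp_open_permitted`) are mine, not sftp-server's. The point it demonstrates: the old check only looked at the access mode, so a request carrying SSH2_FXF_READ|SSH2_FXF_CREAT mapped to O_RDONLY|O_CREAT and slipped through, and open(2) then created an empty file.

```c
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>

/*
 * SFTP open flags (pflags) from the SSH File Transfer Protocol draft that
 * OpenSSH's sftp-server implements; a client sets these in SSH2_FXP_OPEN.
 */
#define SSH2_FXF_READ   0x00000001
#define SSH2_FXF_WRITE  0x00000002
#define SSH2_FXF_APPEND 0x00000004
#define SSH2_FXF_CREAT  0x00000008
#define SSH2_FXF_TRUNC  0x00000010
#define SSH2_FXF_EXCL   0x00000020

/* Map protocol pflags to open(2) flags, as sftp-server does before calling open(). */
static int flags_from_portable(int pflags)
{
    int flags = 0;

    if ((pflags & SSH2_FXF_READ) && (pflags & SSH2_FXF_WRITE))
        flags = O_RDWR;
    else if (pflags & SSH2_FXF_READ)
        flags = O_RDONLY;
    else if (pflags & SSH2_FXF_WRITE)
        flags = O_WRONLY;
    if (pflags & SSH2_FXF_APPEND)
        flags |= O_APPEND;
    if (pflags & SSH2_FXF_CREAT)
        flags |= O_CREAT;
    if (pflags & SSH2_FXF_TRUNC)
        flags |= O_TRUNC;
    if (pflags & SSH2_FXF_EXCL)
        flags |= O_EXCL;
    return flags;
}

/*
 * Pre-7.6 read-only gate (reconstructed, names are mine): only the access
 * mode is examined, so O_RDONLY|O_CREAT is not refused and open(2) creates
 * a zero-length file. This is CVE-2017-15906.
 */
bool readonly_refuses_old(int flags)
{
    return (flags & O_ACCMODE) == O_WRONLY ||
           (flags & O_ACCMODE) == O_RDWR;
}

/*
 * Fixed gate (reconstructed): any open that is not plain O_RDONLY, or that
 * carries O_CREAT or O_TRUNC, is refused with SSH2_FX_PERMISSION_DENIED.
 */
bool readonly_refuses_new(int flags)
{
    return (flags & O_ACCMODE) != O_RDONLY ||
           (flags & (O_CREAT | O_TRUNC)) != 0;
}

/* Would a read-only sftp-server (-R) pass this SSH2_FXP_OPEN request to open(2)? */
bool sftp_open_permitted(int pflags, bool fixed)
{
    int flags = flags_from_portable(pflags);
    return fixed ? !readonly_refuses_new(flags) : !readonly_refuses_old(flags);
}

int main(void)
{
    /* Constructed sample requests; READ|CREAT is the one the advisory is about. */
    struct { const char *name; int pflags; } reqs[] = {
        { "READ",        SSH2_FXF_READ },
        { "READ|CREAT",  SSH2_FXF_READ | SSH2_FXF_CREAT },
        { "READ|TRUNC",  SSH2_FXF_READ | SSH2_FXF_TRUNC },
        { "WRITE|CREAT", SSH2_FXF_WRITE | SSH2_FXF_CREAT },
    };

    for (size_t i = 0; i < sizeof reqs / sizeof reqs[0]; i++)
        printf("%-12s pre-7.6: %-9s fixed: %s\n", reqs[i].name,
               sftp_open_permitted(reqs[i].pflags, false) ? "permitted" : "refused",
               sftp_open_permitted(reqs[i].pflags, true)  ? "permitted" : "refused");
    return 0;
}
```

The same widened condition also closes the O_TRUNC case (a READ|TRUNC request reaching open(2) on an existing file), which is why the fixed predicate tests both bits rather than just O_CREAT. When checking a backport such as the SLE patches attached below, the thing to confirm is that the read-only branch in process_open() rejects on O_CREAT and O_TRUNC, not merely on the access mode.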
SUSE-SU-2017:3230-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (moderate)
Bug References: 1006166,1048367,1065000,1068310,1069509
CVE References: CVE-2008-1483,CVE-2017-15906
Sources used:

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    openssh-7.2p2-74.11.1, openssh-askpass-gnome-7.2p2-74.11.3
SUSE Linux Enterprise Server 12-SP3 (src):    openssh-7.2p2-74.11.1, openssh-askpass-gnome-7.2p2-74.11.3
SUSE Linux Enterprise Server 12-SP2 (src):    openssh-7.2p2-74.11.1, openssh-askpass-gnome-7.2p2-74.11.3
SUSE Linux Enterprise Desktop 12-SP3 (src):    openssh-7.2p2-74.11.1, openssh-askpass-gnome-7.2p2-74.11.3
SUSE Linux Enterprise Desktop 12-SP2 (src):    openssh-7.2p2-74.11.1, openssh-askpass-gnome-7.2p2-74.11.3
SUSE Container as a Service Platform ALL (src):    openssh-7.2p2-74.11.1
OpenStack Cloud Magnum Orchestration 7 (src):    openssh-7.2p2-74.11.1
openSUSE-SU-2017:3243-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (moderate)
Bug References: 1006166,1048367,1065000,1068310,1069509
CVE References: CVE-2008-1483,CVE-2017-15906
Sources used:

openSUSE Leap 42.3 (src):    openssh-7.2p2-15.1, openssh-askpass-gnome-7.2p2-15.1
openSUSE Leap 42.2 (src):    openssh-7.2p2-11.6.1, openssh-askpass-gnome-7.2p2-11.6.1
Please provide backport for addressing this issue in openssh-openssl1-6.6p1 package.
*** Bug 1090163 has been marked as a duplicate of this bug. ***
SUSE-SU-2018:2275-1: An update that solves four vulnerabilities and has three fixes is now available.

Category: security (moderate)
Bug References: 1016370,1017099,1023275,1053972,1065000,1069509,1076957
CVE References: CVE-2008-1483,CVE-2016-10012,CVE-2016-10708,CVE-2017-15906
Sources used:

SUSE Linux Enterprise Server 11-SP4 (src):    openssh-6.6p1-36.3.1, openssh-askpass-gnome-6.6p1-36.3.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    openssh-6.6p1-36.3.1, openssh-askpass-gnome-6.6p1-36.3.1
SUSE-SU-2018:2685-1: An update that solves four vulnerabilities and has 5 fixes is now available.

Category: security (moderate)
Bug References: 1016370,1017099,1023275,1048367,1053972,1065000,1069509,1076957,1092582
CVE References: CVE-2008-1483,CVE-2016-10012,CVE-2016-10708,CVE-2017-15906
Sources used:

SUSE Linux Enterprise Server for SAP 12-SP1 (src):    openssh-6.6p1-54.15.2, openssh-askpass-gnome-6.6p1-54.15.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    openssh-6.6p1-54.15.2, openssh-askpass-gnome-6.6p1-54.15.1
SUSE Linux Enterprise Server 12-LTSS (src):    openssh-6.6p1-54.15.2, openssh-askpass-gnome-6.6p1-54.15.1
SUSE-SU-2018:2719-1: An update that solves four vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1016370,1017099,1023275,1053972,1065000,1069509,1076957
CVE References: CVE-2008-1483,CVE-2016-10012,CVE-2016-10708,CVE-2017-15906
Sources used:

SUSE Linux Enterprise Server 11-SECURITY (src):    openssh-openssl1-6.6p1-19.3.1
Created attachment 785677
SLE-11-SP3 patch
SLE-10-SP3 has been upgraded to 6.6p1, same as in SLE-11-SP4, and already fixed there. SLE-11-SP1, with version 5.1p1, is not affected. SLE-11-SP3 will be submitted shortly. Submissions for the rest of the codestreams already submitted and released.
All fixed.
SUSE-SU-2018:3540-1: An update that solves 5 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1016370,1065000,1076957,1105010,1105180,1106163,1106726
CVE References: CVE-2016-10012,CVE-2016-10708,CVE-2017-15906,CVE-2018-15473,CVE-2018-15919
Sources used:

SUSE Linux Enterprise Server 11-SP3-LTSS (src):    openssh-6.2p2-0.41.5.1, openssh-askpass-gnome-6.2p2-0.41.5.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    openssh-6.2p2-0.41.5.1, openssh-askpass-gnome-6.2p2-0.41.5.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    openssh-6.2p2-0.41.5.1, openssh-askpass-gnome-6.2p2-0.41.5.1
Done