Test ID:	1.3.6.1.4.1.25623.1.1.10.2019.0067
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2019-0067)
Summary:	The remote host is missing an update for the 'openssh' package(s) announced via the MGASA-2019-0067 advisory.
Description:	Summary: The remote host is missing an update for the 'openssh' package(s) announced via the MGASA-2019-0067 advisory. Vulnerability Insight: In OpenSSH, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename (CVE-2018-20685). Affected Software/OS: 'openssh' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-20685 BugTraq ID: 106531 http://www.securityfocus.com/bid/106531 Debian Security Information: DSA-4387 (Google Search) https://www.debian.org/security/2019/dsa-4387 https://security.gentoo.org/glsa/201903-16 https://security.gentoo.org/glsa/202007-53 https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2 https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html RedHat Security Advisories: RHSA-2019:3702 https://access.redhat.com/errata/RHSA-2019:3702 https://usn.ubuntu.com/3885-1/
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.