English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2019-6109
Description:An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The- Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
Test IDs: 1.3.6.1.4.1.25623.1.0.704387   1.3.6.1.4.1.25623.1.0.891728  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-6109
Debian Security Information: DSA-4387 (Google Search)
https://www.debian.org/security/2019/dsa-4387
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/
https://security.gentoo.org/glsa/201903-16
https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c
https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
RedHat Security Advisories: RHSA-2019:3702
https://access.redhat.com/errata/RHSA-2019:3702
SuSE Security Announcement: openSUSE-SU-2019:1602 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html
https://usn.ubuntu.com/3885-1/



© 1998-2025 E-Soft Inc. All rights reserved.