9.3
CVSSv2

CVE-2019-14889

Published: 10/12/2019 Updated: 15/03/2020
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

A flaw was found with the libssh API function ssh_scp_new() in versions prior to 0.9.3 and prior to 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an malicious user to inject arbitrary commands, leading to a compromise of the remote target.

Vulnerability Trend

Affected Products

Vendor Product Versions
LibsshLibssh0.4.7, 0.4.8, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.5.5, 0.6.0, 0.6.1, 0.6.2, 0.6.3, 0.6.4, 0.6.5, 0.7.0, 0.7.1, 0.7.2, 0.7.3, 0.7.4, 0.7.5, 0.7.6, 0.7.7, 0.8.0, 0.8.1, 0.8.2, 0.8.3, 0.8.4, 0.8.5, 0.8.6, 0.8.7, 0.9.0, 0.9.1, 0.9.2
CanonicalUbuntu Linux16.04, 18.04, 19.04, 19.10

Vendor Advisories

Debian Bug report logs - #946548 libssh: CVE-2019-14889 Package: src:libssh; Maintainer for src:libssh is Laurent Bigonville <bigon@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 10 Dec 2019 18:30:02 UTC Severity: important Tags: security, upstream Found in versions libssh/090-1, lib ...
libssh could be made to run programs under certain conditions ...

Github Repositories

No description, website, or topics provided.