First published: Wed Oct 25 2017(Updated: )
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/openssh | <7.6 | 7.6 |
ubuntu/openssh | <1:7.5 | 1:7.5 |
ubuntu/openssh | <1:7.6 | 1:7.6 |
ubuntu/openssh | <1:7.6 | 1:7.6 |
ubuntu/openssh | <1:7.6 | 1:7.6 |
ubuntu/openssh | <1:7.6 | 1:7.6 |
ubuntu/openssh | <1:7.6 | 1:7.6 |
ubuntu/openssh | <1:7.6 | 1:7.6 |
ubuntu/openssh | <1:7.6 | 1:7.6 |
ubuntu/openssh | <1:6.6 | 1:6.6 |
ubuntu/openssh | <1:7.6 | 1:7.6 |
ubuntu/openssh | <1:7.2 | 1:7.2 |
debian/openssh | 1:8.4p1-5+deb11u3 1:9.2p1-2+deb12u2 1:9.2p1-2+deb12u3 1:9.8p1-2 | |
OpenSSH | <7.6 | |
Oracle Storage Cloud Software Appliance | =8.8.6 | |
Debian Linux | =8.0 | |
NetApp Active IQ Unified Manager for VMware vSphere | ||
NetApp Cloud Backup | ||
IBM Data ONTAP | ||
NetApp Data ONTAP | ||
NetApp SolidFire & HCI Management Node | ||
NetApp OnCommand Unified Manager for Windows | ||
NetApp SolidFire & HCI Storage Node | ||
NetApp SteelStore Cloud Integrated Storage | ||
NetApp Storage Replication Adapter for Clustered Data ONTAP for VMware vSphere | >=9.7 | |
NetApp Storage Replication Adapter for Clustered Data ONTAP for VMware vSphere | =9.6 | |
NetApp VASA Provider | >=6.0<=6.2 | |
NetApp VASA Provider | >=9.7 | |
NetApp Virtual Storage Console for VMware vSphere | >=9.7 | |
NetApp Virtual Storage Console for VMware vSphere | =9.6 | |
All of | ||
NetApp CN1610 | ||
NetApp CN1610 Firmware | ||
Red Hat Enterprise Linux Desktop | =7.0 | |
Red Hat Enterprise Linux Server EUS | =7.6 | |
Red Hat Enterprise Linux Server EUS | =7.7 | |
Red Hat Enterprise Linux Server | =7.0 | |
Red Hat Enterprise Linux Server | =7.6 | |
Red Hat Enterprise Linux Server | =7.7 | |
Red Hat Enterprise Linux Server | =7.6 | |
Red Hat Enterprise Linux Server | =7.7 | |
Red Hat Enterprise Linux Workstation | =7.0 | |
NetApp CN1610 | ||
NetApp CN1610 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-15906 has a medium severity rating, as it allows attackers to create zero-length files in readonly mode.
To fix CVE-2017-15906, upgrade OpenSSH to version 7.6 or later.
OpenSSH versions before 7.6 are affected by CVE-2017-15906.
Yes, CVE-2017-15906 can impact file integrity by allowing creation of zero-length files in readonly mode.
Mitigation of CVE-2017-15906 involves ensuring your OpenSSH installation is updated to version 7.6 or later.