In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-03 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)05/31 Report--
This article shows you what the OpenSSH command injection vulnerability CVE-2020-15778 notice is like, the content is concise and easy to understand, can definitely make your eyes bright, through the detailed introduction of this article, I hope you can get something.
1. Summary of vulnerabilities
Researcher Chinmay Pandya discovered a loophole in Openssh on June 9, 2020, which was made public on July 18, 2020. Scp in OpenSSH's 8.3p1 allows commands to be injected into the scp.c remote function, which can be exploited by an attacker to execute arbitrary commands. At present, most linux systems are affected. We are convinced that the security research team assesses and notifies vulnerabilities based on their importance and impact.
II. Vulnerability Analysis 2.1introduction of OpenSSH
OpenSSH is an open source implementation for remote login using the SSH protocol. Prevent eavesdropping, connection hijacking and other attacks by encrypting interactive traffic. OpenSSH is developed by some developers on the OpenBSD project, is provided under a BSD-style license, and has been integrated into many commercial products.
2.2 vulnerability description
Researcher Chinmay Pandya found a command injection vulnerability in the scp component of openssh. Scp in OpenSSH's 8.3p1 allows commands to be injected into the scp.c remote function, which can be exploited by an attacker to execute arbitrary commands. At present, most linux systems are affected.
2.2.1 introduction to the scp command
Scp is the abbreviation of secure copy. In linux system, scp is used to copy files and directories between linux, and to carry out secure remote file copy commands based on ssh login. This command is implemented by scp.c of openssh and other related code.
2.2.2 vulnerability recurrence
I am convinced that Qianlimu Lab conducted poc verification at the first time when poc was made public, confirming that the poc currently disclosed on the Internet has the ability to exploit vulnerabilities, as shown in the figure:
2.2.3 poc analysis
When copying a file to a remote host, the path to the file is appended to the local scp command, and when the local scp command is executed, scp does not check, filter, and clear the file name. This allows the local shell to execute commands in backquotes when an attacker executes a valid scp command with backquotes.
III. Scope of influence
[affected version]
Openssh
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.