Oval Definition:	oval:com.ubuntu.xenial:def:201820685000
Revision Date: 2019-01-10 Version: 1 Title: CVE-2018-20685 on Ubuntu 16.04 LTS (xenial) - medium. Description: In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-20685 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND The 'openssh' package in xenial was vulnerable but has been fixed (note: '1:7.2p2-4ubuntu2.7').
BACK