漏洞情况
如标题三个漏洞未2019年1月26日发布,发现存在该问题的设备使用的是OpenSSH 7.9版本。
三个安全漏洞问题为scp相关问题,出现在openssh-client。
解决办法:
目前发现成功解决该问题的方式是在openssh官网中找到,官网于4月26日发布最新OpenSSH 8.0版本中提到:
原引:https://www.openssh.com/txt/release-8.0
This release includes a number of changes that may affect existing
configurations:
- scp(1): Relating to the above changes to scp(1); the scp protocol
relies on the remote shell for wildcard expansion, so there is no
infallible way for the client’s wildcard matching to perfectly
reflect the server’s. If there is a difference between client and
server wildcard expansion, the client may refuse files from the
server. For this reason, we have provided a new “-T” flag to scp
that disables these client-side checks at the risk of
reintroducing the attack described above.