edit-icon download-icon

[Vulnerability notice] Remote overflow vulnerability in SFTP on OpenSSH

Last Updated: Nov 17, 2017

Description

Linux users often use SFTP on OpenSSH for uploading and downloading files. However, OpenSSH SFTP has a remote overflow vulnerability.

If ChrootDirectory is not configured for the OpenSSH server, general users are allowed to access all the resources in the file system, including /proc. In Linux Kernel version 2.6.x or earlier versions, /proc/self/maps reveals the memory layout and /proc/self/mem lets you write to arbitrary memory positions. An attacker can combine the two features to start a remote overflow attack.

Affected versions

OpenSSH <= 6.6

Fix

Upgrade OpenSSH to the latest version from the official website.

Learn more: http://seclists.org/fulldisclosure/2014/Oct/35

Thank you! We've received your feedback.