Bug#796314: openssh: copying special crafted filenames executes shell-command
Hi,
On Fri, Aug 21, 2015 at 11:35:08AM +0200, bgrpt3@toplitzer.net wrote:
> Source: openssh
> Severity: important
> Tags: upstream security
>
>
> According to [1] special crafted filenames containing control characters
> can cause scp to execute commands in the current shell. This works also on
> copying files from remote (potential untrusted) servers
> to local client.
>
> this works:
> remote:
> $ touch "ab`tput clear`cd"
>
> local:
> $ scp user@host:"/dir/ab*" .
>
> which clears the screen in jessie.
This looks like #793412, merging both bugs.
Regards,
Salvatore
Reply to: