VYPR
Unrated severity · OSV Advisory · Published Jan 31, 2019 · Updated Dec 18, 2025

CVE-2019-6111

Description

OpenSSH scp client (7.9 and earlier) fails to validate filenames returned by server, allowing malicious server to overwrite arbitrary files in target directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The vulnerability resides in the scp client, which is derived from the 1983 rcp protocol. The server selects which files to send, but the client only performs cursory validation of the returned object name, specifically preventing directory traversal attacks. It does not verify that the filenames match those requested by the client. This affects OpenSSH versions up to and including 7.9 [1][2][3].

Exploitation

An attacker controlling the SCP server (or performing a Man-in-the-Middle attack) can send arbitrary filenames to the client. The client will overwrite files in the target directory without proper validation. When recursive operation (-r) is used, the server can manipulate subdirectories, for example by overwriting ~/.ssh/authorized_keys to gain SSH access. The attacker requires the victim to connect to the malicious server or intercept the connection, and in the MITM case, the victim must accept the wrong host key [3][4].

Impact

Successful exploitation allows the attacker to write arbitrary files with attacker-controlled content to the client's target directory. This can lead to privilege escalation (e.g., overwriting authorized_keys for persistent SSH access) or arbitrary code execution (e.g., overwriting shell startup files like .bash_aliases). The impact is limited to the permissions of the user running the scp client [3][4].

Mitigation

The vulnerability is fixed in OpenSSH 8.0, released in April 2019 [2]. Red Hat has provided updated packages (openssh-8.0p1-3.el8) for RHEL 8 [1]. Users should update to the latest OpenSSH version. As a workaround, avoid using scp with untrusted servers; use sftp or rsync instead, which are not affected by this protocol flaw [2][3].

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 43

Patches: 0

No patches discovered yet.

Vulnerability mechanics

Root cause

"Missing validation of received object names in the scp client allows a malicious server to write files to arbitrary paths within the target directory."

Attack vector

The scp protocol delegates file selection to the server, which is a design inherited from 1983 rcp [ref_id=1]. The client only checks for directory traversal sequences but does not verify that the names of files/directories returned by the server match what was requested [ref_id=1]. A malicious scp server (or Man-in-The-Middle attacker who tricks the victim into accepting a wrong host fingerprint) can send arbitrary file names, causing the client to overwrite files such as .ssh/authorized_keys in the target directory [ref_id=1]. When the -r (recursive) flag is used, the server can also manipulate subdirectories [ref_id=1]. The attacker can hide the extra file transfer by sending ANSI escape sequences via stderr to spoof the client output [ref_id=1].

Affected code

The vulnerability exists in the OpenSSH scp client (derived from 1983 rcp) [ref_id=1]. The advisory does not specify exact function names, but the flaw is in the client's handling of object names returned by the server during file transfer. The same issue affects krb5-appl rcp in the file src/krb5-appl-1.0.1/bsd/krcp.c [ref_id=3].

What the fix does

The advisory references a patch at commit 391ffc4b9d31fa1f4ad566499fef9176ff8a07dc in the OpenSSH git repository [ref_id=1]. The patch adds validation of server-supplied names in the client, so that the scp client rejects object names that do not match the originally requested path. This closes the gap where the client trusted the server's choice of file names without verification. For the krb5-appl rcp variant, the reporter notes the package is end-of-life and no official fix was released [ref_id=3].
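The difference between the traversal-only check and a check against the requested name can be shown in a few lines of C. This is an added illustration, not OpenSSH source and not the code from the referenced commit; the function names, the use of fnmatch(3) and the sample names are assumptions made for the example, and it covers only a single-level (non-recursive) copy.

```c
/* Added illustration, not OpenSSH code. Names and inputs are constructed. */
#include <fnmatch.h>
#include <stdio.h>
#include <string.h>

/* Traversal-only check, as the page describes the pre-fix client:
 * rejects empty names, path separators, "." and "..", nothing else. */
static int cursory_check(const char *received)
{
    if (received[0] == '\0' || strchr(received, '/') != NULL)
        return 0;
    if (strcmp(received, ".") == 0 || strcmp(received, "..") == 0)
        return 0;
    return 1;
}

/* Stricter check: the received name must also match the last path
 * component of what the user asked for (treated as a glob pattern). */
static int name_matches_request(const char *requested, const char *received)
{
    const char *pattern;

    if (!cursory_check(received))
        return 0;
    pattern = strrchr(requested, '/');
    pattern = (pattern != NULL) ? pattern + 1 : requested;
    if (*pattern == '\0')
        return 0;               /* request ends in '/': nothing to match */
    /* FNM_PERIOD: a wildcard must not match a leading dot (dotfiles). */
    return fnmatch(pattern, received, FNM_PERIOD) == 0 ? 1 : 0;
}

int main(void)
{
    const char *requested = "docs/*.txt";   /* constructed user request */
    const char *names[] = { "notes.txt", ".bash_aliases",
                            "authorized_keys", "../x.txt" };
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++)
        printf("%-16s cursory=%d strict=%d\n", names[i],
               cursory_check(names[i]),
               name_matches_request(requested, names[i]));
    return 0;
}
```

Names such as `authorized_keys` pass the traversal-only check but are rejected once the client compares them with the request.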

Preconditions

  • network: Victim must connect to a malicious scp server (or an attacker must be in a Man-in-The-Middle position and the victim accepts the wrong host fingerprint)
  • input: Victim must use the scp client (not sftp) to copy files from the attacker-controlled server
  • input: For recursive exploitation, the -r flag must be used

Reproduction

A proof-of-concept exploit is available at https://www.exploit-db.com/exploits/46193/. The exploit demonstrates a malicious scp server that sends arbitrary file names to the client, overwriting files in the target directory. Detailed reproduction steps are provided in the PoC.

Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 23
