OpenSSH < 7.6 Security Bypass
Medium Nessus Network Monitor Plugin ID 701159
SynopsisThe remote SSH server may be affected by a security bypass vulnerability.
DescriptionThe installed version of OpenSSH is prior to 7.6 and is affected by a vulnerability in the 'process_open' function that does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
SolutionUpgrade to OpenSSH 7.x version 7.6 or later.