{"vulnerability": "CVE-2019-6111", "sightings": [{"uuid": "1ca50d8c-af48-4809-90a9-ff40c8455fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:31.000000Z"}, {"uuid": "7f72fb34-e19c-4825-b294-5278e5a71416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"}, {"uuid": "39bd2d2e-b944-4dc0-89ff-19f946c5ac5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1754", "content": "", "creation_timestamp": "2026-02-09T04:00:00.000000Z"}, {"uuid": "ef64de80-c00d-40f8-88a8-66fa900e522e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "published-proof-of-concept", "source": "https://t.me/antichat/3382", "content": "#soft #\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f #\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\n\n\u041d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u0441 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438 SCP\n\n\u041d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0430\u043c\u044b\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 SCP (\u043e\u0441\u043e\u0431\u043e \u0432\u0430\u0436\u043d\u043e \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0447\u0430\u0441\u0442\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043a \u0447\u0443\u0436\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c):\nCVE-2019-6111 - \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 OpenSSH scp <=7.9 - \u043d\u0435\u0434\u043e\u0431\u0440\u043e\u0441\u043e\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u043a\u0430\u0442\u043e\u043b\u043e\u0433\u0438, \u0435\u0441\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0432\u043d\u043e\u0435 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435.\nCVE-2018-20685 - OpenSSH scp <=7.9 \u0438 WinSCP <=5.13 - \u043d\u0435\u0434\u043e\u0431\u0440\u043e\u0441\u043e\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u043c\u0443 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430.\nCVE-2019-6109 \u0438 CVE-2019-6110 - OpenSSH scp <=7.9 \u0438 PuTTY PSCP - \u0434\u0430\u044e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u044b\u0432\u043e\u0434\u043e\u043c \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0447\u0435\u0440\u0435\u0437 \u0438\u043c\u0435\u043d\u0430 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0439 \u043f\u043e\u0442\u043e\u043a \u043e\u0448\u0438\u0431\u043e\u043a \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 ASCII \u0438 \u0441\u043a\u0440\u044b\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0414\u043b\u044f WinSCP \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044f \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c - 5.14.\n\n\u0414\u043b\u044f OpenSSH \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442, \u043d\u043e \u0435\u0441\u0442\u044c \u043f\u0430\u0442\u0447 https://sintonen.fi/advisories/scp-name-validator.patch\n\u041b\u0438\u0431\u043e \u043c\u043e\u0436\u043d\u043e \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c SFTP, \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432 OpenSSH:\nSubsystem sftp /usr/lib/openssh/sftp-server (\u0432 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435)\n\u0438\u043b\u0438\nSubsystem sftp internal-sftp (\u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439, \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 sshd)\n\n\u0414\u043b\u044f PuTTY \u043d\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043d\u043e \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043d\u0435\u043c \u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u0448\u0430\u044e\u0449\u0438\u0435.", "creation_timestamp": "2019-01-23T07:03:05.000000Z"}, {"uuid": "77900976-d5d5-4e88-979a-9771c2fb7bb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "https://t.me/antichat/3404", "content": "CVE-2019-6111 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 scp\nhttps://goo.gl/dJy78w", "creation_timestamp": "2019-01-25T13:00:20.000000Z"}, {"uuid": "ae1f98a4-e160-46ce-95f8-7b8e9dedb971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "Telegram/lSatndSHKvXeOOkCe4BtgugIcZcDihrdZBJA4iXwuYPkAsH3oA", "content": "", "creation_timestamp": "2025-08-17T02:42:32.000000Z"}, {"uuid": "cc176c11-d36a-4fa2-bd98-9dd31cf65322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/10574", "content": "https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | EDB-ID:40858 6.4 https://vulners.com/exploitdb/EDB-ID:40858 *EXPLOIT* | EDB-ID:40119 6.4 https://vulners.com/exploitdb/EDB-ID:40119 *EXPLOIT* | EDB-ID:39569 6.4 https://vulners.com/exploitdb/EDB-ID:39569 *EXPLOIT* | CVE-2016-3115 6.4 https://vulners.com/cve/CVE-2016-3115 | PACKETSTORM:181223 5.9 https://vulners.com/packetstorm/PACKETSTORM:181223 *EXPLOIT* | MSF:AUXILIARY-SCANNER-SSH-SSH_ENUMUSERS- 5.9 https://vulners.com/metasploit/MSF:AUXILIARY-SCANNER-SSH-SSH_ENUMUSERS- *EXPLOIT* | EDB-ID:40136 5.9 https://vulners.com/exploitdb/EDB-ID:40136 *EXPLOIT* | EDB-ID:40113 5.9 https://vulners.com/exploitdb/EDB-ID:40113 *EXPLOIT* | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | CVE-2019-6111 5.9 https://vulners.com/cve/CVE-2019-6111 | CVE-2016-6210 5.9 https://vulners.com/cve/CVE-2016-6210 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | EXPLOITPACK:98FE96309F9524B8C84C508837551A19 5.8 https://vulners.com/exploitpack/EXPLOITPACK:98FE96309F9524B8C84C508837551A19 *EXPLOIT* | EXPLOITPACK:5330EA02EBDE345BFC9D6DDDD97F9E97 5.8 https://vulners.com/exploitpack/EXPLOITPACK:5330EA02EBDE345BFC9D6DDDD97F9E97 *EXPLOIT* | 1337DAY-ID-32328 5.8 https://vulners.com/zdt/1337DAY-ID-32328*EXPLOIT* | 1337DAY-ID-32009 5.8 https://vulners.com/zdt/1337DAY-ID-32009*EXPLOIT* | SSV:91041 5.5 https://vulners.com/seebug/SSV:91041 *EXPLOIT* | PACKETSTORM:140019 5.5 https://vulners.com/packetstorm/PACKETSTORM:140019 *EXPLOIT* | PACKETSTORM:136251 5.5 https://vulners.com/packetstorm/PACKETSTORM:136251 *EXPLOIT* | PACKETSTORM:136234 5.5 https://vulners.com/packetstorm/PACKETSTORM:136234 *EXPLOIT* | EXPLOITPACK:F92411A645D85F05BDBD274FD222226F 5.5 https://vulners.com/exploitpack/EXPLOITPACK:F92411A645D85F05BDBD274FD222226F *EXPLOIT* | EXPLOITPACK:9F2E746846C3C623A27A441281EAD138 5.5 https://vulners.com/exploitpack/EXPLOITPACK:9F2E746846C3C623A27A441281EAD138 *EXPLOIT* | EXPLOITPACK:1902C998CBF9154396911926B4C3B330 5.5 https://vulners.com/exploitpack/EXPLOITPACK:1902C998CBF9154396911926B4C3B330 *EXPLOIT* | CVE-2016-10011 5.5 https://vulners.com/cve/CVE-2016-10011 | 1337DAY-ID-25388 5.5 https://vulners.com/zdt/1337DAY-ID-25388*EXPLOIT* | EDB-ID:45939 5.3 https://vulners.com/exploitdb/EDB-ID:45939 *EXPLOIT* | EDB-ID:45233 5.3 https://vulners.com/exploitdb/EDB-ID:45233 *EXPLOIT* | CVE-2018-20685 5.3 https://vulners.com/cve/CVE-2018-20685 | CVE-2018-15919 5.3 https://vulners.com/cve/CVE-2018-15919 | CVE-2018-15473 5.3 https://vulners.com/cve/CVE-2018-15473 | CVE-2017-15906 5.3 https://vulners.com/cve/CVE-2017-15906 |", "creation_timestamp": "2025-04-01T08:49:50.000000Z"}, {"uuid": "73e1529f-4103-490d-ac87-520925cce282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/2961", "content": "https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | EDB-ID:40858 6.4 https://vulners.com/exploitdb/EDB-ID:40858 *EXPLOIT* | EDB-ID:40119 6.4 https://vulners.com/exploitdb/EDB-ID:40119 *EXPLOIT* | EDB-ID:39569 6.4 https://vulners.com/exploitdb/EDB-ID:39569 *EXPLOIT* | CVE-2016-3115 6.4 https://vulners.com/cve/CVE-2016-3115 | PACKETSTORM:181223 5.9 https://vulners.com/packetstorm/PACKETSTORM:181223 *EXPLOIT* | MSF:AUXILIARY-SCANNER-SSH-SSH_ENUMUSERS- 5.9 https://vulners.com/metasploit/MSF:AUXILIARY-SCANNER-SSH-SSH_ENUMUSERS- *EXPLOIT* | EDB-ID:40136 5.9 https://vulners.com/exploitdb/EDB-ID:40136 *EXPLOIT* | EDB-ID:40113 5.9 https://vulners.com/exploitdb/EDB-ID:40113 *EXPLOIT* | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | CVE-2019-6111 5.9 https://vulners.com/cve/CVE-2019-6111 | CVE-2016-6210 5.9 https://vulners.com/cve/CVE-2016-6210 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | EXPLOITPACK:98FE96309F9524B8C84C508837551A19 5.8 https://vulners.com/exploitpack/EXPLOITPACK:98FE96309F9524B8C84C508837551A19 *EXPLOIT* | EXPLOITPACK:5330EA02EBDE345BFC9D6DDDD97F9E97 5.8 https://vulners.com/exploitpack/EXPLOITPACK:5330EA02EBDE345BFC9D6DDDD97F9E97 *EXPLOIT* | 1337DAY-ID-32328 5.8 https://vulners.com/zdt/1337DAY-ID-32328*EXPLOIT* | 1337DAY-ID-32009 5.8 https://vulners.com/zdt/1337DAY-ID-32009*EXPLOIT* | SSV:91041 5.5 https://vulners.com/seebug/SSV:91041 *EXPLOIT* | PACKETSTORM:140019 5.5 https://vulners.com/packetstorm/PACKETSTORM:140019 *EXPLOIT* | PACKETSTORM:136251 5.5 https://vulners.com/packetstorm/PACKETSTORM:136251 *EXPLOIT* | PACKETSTORM:136234 5.5 https://vulners.com/packetstorm/PACKETSTORM:136234 *EXPLOIT* | EXPLOITPACK:F92411A645D85F05BDBD274FD222226F 5.5 https://vulners.com/exploitpack/EXPLOITPACK:F92411A645D85F05BDBD274FD222226F *EXPLOIT* | EXPLOITPACK:9F2E746846C3C623A27A441281EAD138 5.5 https://vulners.com/exploitpack/EXPLOITPACK:9F2E746846C3C623A27A441281EAD138 *EXPLOIT* | EXPLOITPACK:1902C998CBF9154396911926B4C3B330 5.5 https://vulners.com/exploitpack/EXPLOITPACK:1902C998CBF9154396911926B4C3B330 *EXPLOIT* | CVE-2016-10011 5.5 https://vulners.com/cve/CVE-2016-10011 | 1337DAY-ID-25388 5.5 https://vulners.com/zdt/1337DAY-ID-25388*EXPLOIT* | EDB-ID:45939 5.3 https://vulners.com/exploitdb/EDB-ID:45939 *EXPLOIT* | EDB-ID:45233 5.3 https://vulners.com/exploitdb/EDB-ID:45233 *EXPLOIT* | CVE-2018-20685 5.3 https://vulners.com/cve/CVE-2018-20685 | CVE-2018-15919 5.3 https://vulners.com/cve/CVE-2018-15919 | CVE-2018-15473 5.3 https://vulners.com/cve/CVE-2018-15473 | CVE-2017-15906 5.3 https://vulners.com/cve/CVE-2017-15906 |", "creation_timestamp": "2025-04-01T08:49:50.000000Z"}, {"uuid": "5791c6b6-5054-486a-9515-b5dc8cc28f83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "Telegram/g4YVNsl8VVhm8hCc75QWhNv5PFRAQjIgSB1n0jxM2tiTPh-tRQ", "content": "", "creation_timestamp": "2025-02-01T09:42:01.000000Z"}, {"uuid": "5c921ffe-f115-426e-844a-c6069fe0cbd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "Telegram/w0w9iKcyXi70OnNrtP96yLy6sw-7f3qLcDmBnN0l3DtxqHg", "content": "", "creation_timestamp": "2024-07-01T14:33:02.000000Z"}, {"uuid": "ba8bc10d-d313-4530-8852-08a6591bc27e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "Telegram/eHFsan1m1sbQ7WGhWquYDZEyTPqYuvjFlFdG01P5qU4UKPM", "content": "", "creation_timestamp": "2022-06-01T15:37:55.000000Z"}, {"uuid": "54522422-e61a-4ab5-a8af-238644c50359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "Telegram/RJJYy2hOykdTHQv9MovqUH5Nr_vdKbqoUJawTNQiy6Aw7FQ", "content": "", "creation_timestamp": "2022-05-31T23:13:36.000000Z"}, {"uuid": "31382477-91c8-4056-9e66-e65d1264b653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "Telegram/xGsLy8z3fANiCroIRCfALnNfiha1hqkEaeyvq7MCrScixms", "content": "", "creation_timestamp": "2024-07-01T14:34:42.000000Z"}, {"uuid": "7043e2cf-3244-447c-bc17-e4de7d1ed048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "Telegram/4r-JmUDZNqxxvmdkoRHwGE8rl_froMteEwJChso0bxMoyLA", "content": "", "creation_timestamp": "2022-06-13T11:09:08.000000Z"}, {"uuid": "903e394f-60e9-488d-898f-5d59e667f6b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "https://t.me/cibsecurity/22961", "content": "\u203c CVE-2019-25017 \u203c\n\nAn issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T20:33:53.000000Z"}, {"uuid": "13468380-b1e1-43bc-afd5-c41030eed881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "https://t.me/haccking/3324", "content": "\u200b\u200b#\u041d\u043e\u0432\u043e\u0441\u0442\u0438\n\n1. \u0424\u0438\u0448\u0435\u0440\u044b \u043a\u0440\u0430\u0434\u0443\u0442 \u043f\u0430\u0440\u043e\u043b\u0438 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u043e\u0439 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u043e\u0439 \u043f\u043e\u0447\u0442\u044b.\n\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435...\n\n2. \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u0432\u044f\u0437\u044c \u043c\u0435\u0436\u0434\u0443 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430\u043c\u0438 GreyEnergy \u0438 Zebrocy.\n\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435...\n\n3. \u0412 ZoneAlarm \u043e\u0442 Check Point \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435...\n\n4. CVE-2019-6111 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 scp.\n\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435...\n\n5. \u0412 Chrome \u043f\u043e\u044f\u0432\u0438\u0442\u0441\u044f \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u043e\u0442 \u0430\u0442\u0430\u043a drive-by.\n\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435...", "creation_timestamp": "2019-01-26T08:11:15.000000Z"}, {"uuid": "1b718b5b-4c7f-4258-a0a6-20734335b37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "https://t.me/VulnerabilityNews/20049", "content": "An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.\nPublished at: February 02, 2021 at 07:15PM\nView on website", "creation_timestamp": "2021-02-02T20:46:12.000000Z"}, {"uuid": "d4e5bf74-c4eb-4204-9bfd-1be5c295d654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "seen", "source": "Telegram/2G0LL9YDDO0dQKSo5p4zQWAL-pbipATIxiBPSKqKsYKP6RG0", "content": "", "creation_timestamp": "2024-07-01T14:30:24.000000Z"}, {"uuid": "2deaee56-32b9-4f2a-9c7a-6243c455acef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6111", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/168", "content": "#exploit\n1. PoC for CVE-2019-5736:\nhttps://github.com/Frichetten/CVE-2019-5736-PoC\n\n2. CVE-2019-6111:\nOpenSSH 7.9 - scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server/MiTM attacker can overwrite arbitrary files in the scp client target directory\nhttps://github.com/53n7hu/SNP\n\n3. CVE-2019-6225:\nvoucher_swap - Exploiting MIG reference counting in iOS 12\nhttps://googleprojectzero.blogspot.com/2019/01/voucherswap-exploiting-mig-reference.html\n\n4. Exploiting Malwarebytes Anti-Exploit\nhttps://acru3l.github.io/2019/02/02/exploiting-mb-anti-exploit", "creation_timestamp": "2024-10-08T14:36:45.000000Z"}]}