CVE ID
CVE-2017-15906
DESCRIPTION
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
RESOLUTION
- CentOS6 Unitrends' appliances (physical and/or virtual) are not affected by this CVE.
- CentOS7 Unitrends' appliances (phyiscal and/or virtual) are not affected by this CVE.