Follow

All Secure Copy Protocol (SCP) implementations contain 4 security vulnerabilities that allow malicious SCP servers to make changes on the client's side:

zdnet.com/article/scp-implemen

– all SCP implementations (OpenSSH, Putty, WinSCP etc.) are affected
– vulnerabilities are there since 1983
– CVE-2018-20685, CVE-2019-6111, CVE-2019-6109, CVE-2019-6110
– at the moment, only WinSCP provides a patch (WinSCP 5.14)

Sign in to participate in the conversation
Mastodon

mastodon.at is a microblogging site that federates with most instances on the Fediverse.