All Secure Copy Protocol (SCP) implementations contain 4 security vulnerabilities that allow malicious SCP servers to make changes on the client's side:

zdnet.com/article/scp-implemen

– all SCP implementations (OpenSSH, Putty, WinSCP etc.) are affected
– vulnerabilities are there since 1983
– CVE-2018-20685, CVE-2019-6111, CVE-2019-6109, CVE-2019-6110
– at the moment, only WinSCP provides a patch (WinSCP 5.14)

#scp #ssh #openssh #winscp #putty #vulnerability #infosec #cybersecurity #security

Inscrivez-vous pour prendre part à la conversation
Mastodon - Gougère Network

Vive les gougères ! mnt-by: @yapret @papaeng89