172 matches found
PT-2006-3920 · Winscp · Winscp
Name of the Vulnerable Software and Affected Versions: WinSCP version 3.8.1 build 328 Description: The issue allows remote attackers to upload or download arbitrary files via encoded spaces and double-quote characters in a scp or sftp URI. Recommendations: For WinSCP version 3.8.1 build 328, upda...
KLA11446 SB vulnerability in WinSCP
Argument injection vulnerability was found in WinSCP. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories Older Versions Related products WinSCP CVE list CVE-2006-3015 high Solution Update to the latest version Download WinSCP Impacts SB Security...
WinSCP 3.8.1 - URI Handler Arbitrary File Access
WinSCP 3.8.1 - URI Handler Arbitrary File Access source: https://www.securityfocus.com/bid/18384/info WinSCP is prone to an arbitrary file-access vulnerability. An attacker can exploit this issue to upload arbitrary files to a victim user's computer or to download arbitrary files from the victim'...
WinSCP < 3.8.2 Arbitrary Command Insertion
Binary data 3648.prm...
WinSCP 3.8.1 - URI Handler Arbitrary File Access
source: https://www.securityfocus.com/bid/18384/info WinSCP is prone to an arbitrary file-access vulnerability. An attacker can exploit this issue to upload arbitrary files to a victim user's computer or to download arbitrary files from the victim's computer in the context of the vulnerable...
[Full-disclosure] WinSCP - URI Handler Command Switch Parsing
WinSCP - URI Handler Command Switch Parsing About winscp : WinSCP is an open source freeware SFTP client for Windows using SSH. Legacy SCP protocol is also supported. Its main function is safe copying of files between a local and a remote computer. Versions affected : It was tested on WinSCP 3.8....
WinSCP URI handler command execution
scp:// and sftp:// URI handlers allow to transmit unsafe paramters via command line...
[NT] WinSCP Denial of Service
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
WinSCP DoS
Oversized URL causes client to hang...
WinSCP 3.5.6 - Long URI Handling Memory Corruption
WinSCP 3.5.6 - Long URI Handling Memory Corruption source: https://www.securityfocus.com/bid/10160/info It has been reported that WinSCP may be prone to a denial of service condition resulting from memory corruption. This issue occurs when the application attempts to handle excessively long 'sftp...
WinSCP 3.5.6 - Long URI Handling Memory Corruption
source: https://www.securityfocus.com/bid/10160/info It has been reported that WinSCP may be prone to a denial of service condition resulting from memory corruption. This issue occurs when the application attempts to handle excessively long 'sftp:' or 'scp' addresses. WinSCP 3.5.6 is reported to ...
R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Rapid 7, Inc. Security Advisory Visit http://www.rapid7.com/ to download NeXposetm, our advanced vulnerability scanner. Linux and Windows 2000 versions are available now! Rapid 7 Advisory R7-0009 Vulnerabilities in SSH2 Implementations from Multiple...