2 matches found
VulnCheck KEV: CVE-2019-6111
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are...
NetKit Input Validation Vulnerability
NetKit is a network environment simulation system. A security vulnerability exists in NetKit 0.17 and earlier versions, which stems from the fact that the server selects the file/directory to be sent to the client, but the rcp client only loosely validates the name of the returned object. An...