• Neha

OLD SCP CLIENT IMPLEMENTATION VULNERABILITY DISCOVERED


36 Year old SCP client had covered with many vulnerabilities and also discovered that the many client applications using SCP can be exploited by the malicious servers. Session Control Protocol (SCP), is a network protocol that allows users to exchange files between host on a network.

Discovered by Harry Sintonen, one of F-Secure's Senior Security Consultants, the vulnerabilities exist due to poor validations performed by the SCP clients, which can be abused by malicious servers or man-in-the-middle and can be cause to overwritten the files.

There are mainly 4 vulnerability discovered and one of them is patched and other 3 remain unpatched.

If you are very troubled of malicious SCP server pwning you, you'll be able to set up your systems to use SFTP (Secure FTP) and it'll provide you with a stronger and secure experience.

17 views0 comments