Download
| Alert*
|
oval:org.secpod.oval:def:17500
The host is installed with WinSCP before 5.5.3 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. Succ ... oval:org.secpod.oval:def:67414 The host is installed with WinSCP 5.17.8 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle long file names. Successful exploitation could allow attackers to cause a denial of service via a malicious FTP. oval:org.secpod.oval:def:15941 WinSCP (32-bit) application is installed on Windows machine. oval:org.secpod.oval:def:15942 The host is installed with WinSCP before 5.1.6 or PuTTY 0.62 and earlier and is prone to an integer overflow vulnerability. The flaw is present in the application, which fails to handle a negative size value in an RSA key signature during the SSH handshake. Successful exploitation could allow attack ... oval:org.secpod.oval:def:50196 The host is installed with WinSCP before 5.14 beta and is prone to an input validation error vulnerability. A flaw is present in the application, which fails to properly handle the TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp. Successful exploitation could allow scp implementation to accept arb ... oval:org.secpod.oval:def:50195 The host is installed with OpenSSH through 7.9p1 or WinSCP through 5.13 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle an issue in the scp client utility. Successful exploitation could allow a malicious scp server to write arbitr ... oval:org.secpod.oval:def:90723 Updates available for WinSCP. |
