|Category:||Mageia Linux Local Security Checks|
|Title:||Mageia Linux Local Check: mgasa-2016-0118|
|Summary:||Mageia Linux Local Security Checks mgasa-2016-0118|
Mageia Linux Local Security Checks mgasa-2016-0118
Many versions of PSCP in PuTTY prior to 0.67 have a stack corruption vulnerability in their treatment of the 'sink' direction (i.e. downloading from server to client) of the old-style SCP protocol. In order for this vulnerability to be exploited, the user must connect to a malicious server and attempt to download any file (CVE-2016-2563). FileZilla was vulnerable to this issue as it bundles a copy of PuTTY. The filezilla package has been updated to version 3.16.1, which fixes this issue and has many other fixes and enhancements.
Update the affected packages to the latest available version.
Common Vulnerability Exposure (CVE) ID: CVE-2016-2563|
BugTraq ID: 84296
SuSE Security Announcement: openSUSE-SU-2016:1453 (Google Search)
|Copyright||Copyright (C) 2016 Eero Volotinen|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.