WinSCP Integer Overflow Vulnerability (Windows) Network Vulnerability

Summary

The host is installed with WinSCP and is prone to integer overflow vulnerability.

Impact

Successful exploitation will allow attackers to cause heap-based buffer overflows, resulting in a denial of service or potentially allowing the execution of arbitrary code.

Solution

Upgrade to version 5.1.6 or later, For updates refer to http://winscp.net

Insight

Flaw is due to improper validation of message lengths in the getstring() function in sshrsa.c and sshdss.c when handling negative SSH handshake.

Affected

WinSCP version before 5.1.6 on Windows

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/54355
http://winscp.net/eng/docs/history#5.1.6
http://winscp.net/tracker/show_bug.cgi?id=1017
http://www.osvdb.com/95970

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-4852

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Win)
Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
Apple Safari WebKit Information Disclosure Vulnerability (Windows)
Apache Tomcat Multiple Vulnerabilities-01 (Nov14)
Asterisk SIP REGISTER Response Username Enumeration Vulnerability

Take action and discover your vulnerabilities