Detections
Analytics

WinSCP < 5.1.7 Multiple Vulnerabilities

medium Nessus Plugin ID 72389

Language:

Synopsis

The remote Windows host has an application installed that is affected by multiple vulnerabilities.

Description

The WinSCP program installed on the remote host is a version prior to 5.1.7. It therefore contains code from PuTTY that is affected by the following vulnerabilities related to PuTTY :

 - An overflow error exists that allows heap corruption when handling DSA signatures. (CVE-2013-4206)

 - A buffer overflow error exists related to modular inverse calculation, non-coprime values, and DSA signature verification. (CVE-2013-4207)

 - An error exists that allows disclosure of private key material. (CVE-2013-4208)

Solution

Upgrade to WinSCP version 5.1.7 / 5.2.4 beta or later.

See Also

https://winscp.net/tracker/show_bug.cgi?id=1039

https://winscp.net/eng/docs/history#5.1.7

http://www.nessus.org/u?20c27652

http://www.nessus.org/u?e1b0243c

http://www.nessus.org/u?7bdd07a8

Plugin Details

Severity: Medium

ID: 72389

File Name: winscp_5_1_7.nasl

Version: 1.4

Type: local

Agent: windows

Family: Windows

Published: 2/7/2014

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:winscp:winscp

Required KB Items: installed_sw/WinSCP

Exploit Ease: No known exploits are available

Patch Publication Date: 8/14/2013

Vulnerability Publication Date: 8/6/2013

Reference Information

CVE: CVE-2013-4206, CVE-2013-4207, CVE-2013-4208

BID: 61644, 61645, 61649