Decades-Old Flaws Leave SCP Clients Vulnerable To Attack

Security flaws dating back 36 years, to 1983, have been found to affect past and current versions of Secure Copy Protocol (SCP) implementations, a secure file-transfer protocol used in popular tools such as OpenSSH, PuTTy and WinSCP.

The bugs could allow a malicious SCP server to make unauthorised changes to files on a client’s system and to hide malicious operations, said researcher Harry Sintonen of F-Secure.

Sintonen said he has been working with vendors to patch the issues since last August, but at present they have only been addressed in WinSCP, which addresses them in release 5.14, issued in October 2018.

SCP is a secure version of the Remote Copy Protocol (RCP), and the issues arise from RCP, Sintonen said.

Decades-old flaws

He said one of the issues is caused by SCP clients failing to verify whether the objects sent by the SCP server are identical to those that were asked for, meaning that altered documents can be sent.

“This issue dates back to 1983 and RCP, on which SCP is based,” Sintonen said in an advisory.

A separate issue in SCP clients allows target directory attributes to be changed arbitrarily, while two further client bugs allow servers to spoof client output, Sintonen said.

Because the bugs could allow a malicious server to overwrite arbitrary files on a client’s system, including critical system files, they can effectively be used to execute malicious code on that system, Sintonen said.

He noted that the attacks rely on the client connecting to a malicious server, which could, for instance, be a legitimate server that has been taken over by attackers.

Sintonen advised users to switch to patched clients if possible, or, if not, to use alternative protocols such as SFTP.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

10 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

13 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

14 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

15 hours ago