OpenSSH < 3.4p1 scp Traversal Arbitrary File Overwrite

This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.

Synopsis :

A file transfer client on the remote host could be abused to
overwrite arbitrary files.

Description :

According to its banner, the version of OpenSSH running on the remote
host is earlier than version 3.4p1. Such versions contain an
arbitrary file overwrite vulnerability that could allow a malicious
SSH server to cause the supplied scp utility to write to arbitrary
files outside of the current directory.

Solution :

Upgrade to OpenSSH 3.4p1 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 17701

Bugtraq ID: 9986

CVE ID: CVE-2004-0175