scp < 2.1 Traversal File Create/Overwrite

Medium Nessus Network Monitor Plugin ID 1970


The remote server may allow attackers to retrieve or modify sensitive files.


The remote host is running SSH 1.2.3 or 1.2 (as a client). This version contains a directory traversal bug that allows a malicious scp server to overwrite arbitrary files on the client. An attacker may use this flaw to compromise this host. To exploit it, the attacker would first have to compromise a host that users of this host SSH into, and then set up a trojaned version of scp that overwrites files on this host.


Upgrade to version 2.1 or higher.

Plugin Details

Severity: Medium

ID: 1970

Family: SSH

Published: 2004/08/20

Modified: 2016/11/23

Dependencies: 1997, 3059

Nessus ID: 11339

Risk Information

Risk Factor: Medium


CVSS v2

Base Score: 5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:U/RC:ND


CVSS v3

Base Score: 5.3

Temporal Score: 5.1


Temporal Vector: CVSS3#E:F/RL:U/RC:X

Reference Information

CVE: CVE-2000-0992

BID: 1742