SCP, Not

via   the comic delivery system monikered   Randall Munroe   at   XKCD  !

via the comic delivery system monikered Randall Munroe at XKCD!

Another tremendous security post via Catalin Cimpanu writing for ZDNet’s Zero Day; in which, the good Mr. Cimpanu tells the tale of the thirty-six yera-old flaw in SCP – the Secure Copy Protocol. This time, rearing it’s apparently flawed noggin through coded flaws in SCP (the ‘secure’ version of RCP – the Remote Copy Protocol). The flaws, in their essential form, permit malign SCP servers free reign on the host system. Just astonishing this has existed since the last quarter of the twentieth century…

“The vulnerabilities have been discovered by Harry Sintonen, a security researcher with Finnish cyber-security firm F-Secure, who’s been working since August last year to have them fixed and patched in the major apps that support the SCP protocol.” via Catalin Cimpanu at ZDNet’s Zero Day



*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://www.infosecurity.us/blog/2019/1/18/scp-not