VDB

GCVE-110-MAGEIA-2016-118

GCVE-110-MAGEIA-2016-118
Advisory Published
Vulnetix · Advisory published March 25, 2016
Many versions of PSCP in PuTTY prior to 0.67 have a stack corruption vulnerability in their treatment of the 'sink' direction (i.e. downloading from server to client) of the old-style SCP protocol. In order for this vulnerability to be exploited, the user must connect to a malicious server and attempt to download any file (CVE-2016-2563). FileZilla was vulnerable to this issue as it bundles a copy of PuTTY. The filezilla package has been updated to version 3.16.1, which fixes this issue and has many other fixes and enhancements.

Affected Products

VendorProductVersionsPlatforms
Mageiapcmanfm1.2.3-2.2.mga5 (unaffected), 0 (affected)
Mageiafilezilla0 (affected), 3.16.1-1.mga5 (unaffected), 0 (affected), 3.16.1-1.mga5 (unaffected)
Mageiapugixml0 (affected), 1.7-1.mga5 (unaffected), 0 (affected), 1.7-1.mga5 (unaffected)
Mageialibfilezilla0 (affected), 0.4.0.1-1.mga5 (unaffected), 0 (affected), 0.4.0.1-1.mga5 (unaffected)

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›