Tartarus CVS: putty simon

tartarus-commits-admin@lists.tartarus.org tartarus-commits-admin@lists.tartarus.org
Sat, 21 Oct 2000 18:36:44 +0100

CVSROOT:	/home/cvs
Module name:	putty
Changes by:	simon	00/10/21 18:36:44

Modified files:
	.              : scp.c 

Log message:
Fix a potential vulnerability in incoming `pscp -r'. The server
sends filenames of things in the directory being copied. A malicious
server could have sent, for example, "..\..\windows\system\foo.dll"
and overwritten something crucial. The filenames are now vetted to
ensure they don't contain slashes or backslashes.