Tartarus CVS: putty simon

tartarus-commits-admin@lists.tartarus.org
Sat, 21 Oct 2000 18:52:54 +0100


CVSROOT:	/home/cvs
Module name:	putty
Changes by:	simon	00/10/21 18:52:54

Modified files:
	.              : scp.c 

Log message:
Ooh. Actually, that vulnerability is further-reaching than I
thought. As well as the ".." attack in recursive copies, the name
sent by the client was also trusted in a single-file implicit-
destination copy such as "pscp host:foo .". (The result was ./foo,
where foo is what the server claimed the file was rather than what
the user asked for. I think it's not unreasonable that if the user
requests file `foo' from the host, he should get the result in a
file called `foo' no matter what the host thinks.)
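
Added example, not part of the original commit message and not code from PuTTY's scp.c: a minimal C sketch of the naming policy the log message describes, where a single-file copy takes its local name from what the user requested and a recursive copy accepts a server-announced name only if it is one plain directory entry. The function names and the choice of separator characters are assumptions made for illustration; wildcard sources are not handled.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers for illustration; not taken from PuTTY's scp.c. */

/* Return the final component of a path; '/', '\\' and ':' all separate. */
static const char *last_component(const char *path)
{
    const char *base = path;
    for (const char *p = path; *p; p++)
        if (*p == '/' || *p == '\\' || *p == ':')
            base = p + 1;
    return base;
}

/* A name is usable only if it is one plain directory entry. */
static int name_is_safe(const char *name)
{
    if (name[0] == '\0' || !strcmp(name, ".") || !strcmp(name, ".."))
        return 0;
    return last_component(name) == name;   /* no separator anywhere */
}

/*
 * Pick the name to create inside the destination directory.
 * requested:   remote path the user typed (the "foo" in host:foo)
 * server_name: name announced by the server for the incoming file
 * recursive:   nonzero while walking a recursive copy
 * Returns NULL when the transfer should be refused.
 */
const char *choose_local_name(const char *requested,
                              const char *server_name, int recursive)
{
    /* Single file: the user's own name wins; the server's is ignored. */
    const char *name = recursive ? server_name : last_component(requested);
    return name_is_safe(name) ? name : NULL;
}

int main(void)
{
    const char *n = choose_local_name("foo", "../evil", 0);
    printf("single-file copy writes: %s\n", n ? n : "(refused)");
    n = choose_local_name("dir", "..", 1);
    printf("recursive entry '..': %s\n", n ? n : "(refused)");
    return 0;
}
```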