|    |    |    | Today: 16-Nov-2018 |

jsch 0.1.53 Path Traversal

September 22, 2016 | Posted in ExploitAlert

A malicious sftp server may force a client-side relative path traversal in jsch's implementation for recursive sftp-get allowing the server to write files outside the clients download basedir with effective permissions of the jsch sftp client process. Versions 0.1.53 and below are affected.


Source: jsch 0.1.53 Path Traversal

Taged in: traversal