CVE-2016-2563

CRITICAL

9bis kitty < 0.66.6.3 - Stack-based Buffer Overflow via SCP-SINK File-Size Response

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-2563. PoCs published by tintinweb.

AI-analyzed exploit summary The exploit targets a stack buffer overflow in PuTTY's SCP client (pscp) due to an unbounded sscanf operation, allowing a malicious server to overwrite the stack buffer and potentially achieve remote code execution. The PoC includes a server-side script to trigger the vulnerability.

Description

Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.

Exploits (1)

exploitdb WORKING POC

by tintinweb · textdosmultiple

https://www.exploit-db.com/exploits/39551

View Code ZIP pw:eip

The exploit targets a stack buffer overflow in PuTTY's SCP client (pscp) due to an unbounded sscanf operation, allowing a malicious server to overwrite the stack buffer and potentially achieve remote code execution. The PoC includes a server-side script to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PuTTY pscp 0.59 to 0.66

Auth required

Prerequisites: Malicious SCP server · Victim initiates SCP download

MITRE ATT&CK