Secunia SmallBusiness
Overview
Advisories
Research
Forums
Create Profile
Our Commitment
All Threads
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: WinSCP 4.1.8 (current version) reported as old/insecure

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
 And, this specific program:
WinSCP 4.x

This thread has been marked as locked.
daytrader WinSCP 4.1.8 (current version) reported as old/insecure
Member 19th Dec, 2008 23:48
Ranking: 0
Posts: 13
User Since: 19th Dec, 2008
System Score: N/A
Location: N/A
 I have WinSCP 4.1.8 from http://winscp.net/eng/index.php installed to a non-standard location. This is the latest, current, version. Secunia 1.0.0.3 reports it erroneously as ver. 4.0.0.342 and declares it to be insecure.

The Download link points to a very old version: http://ovh.dl.sourceforge.net/sourceforge/winscp/w... -- which nonetheless is newer than the version erroneously reported by Secunia.

Bradley RE: WinSCP 4.1.8 (current version) reported as old/insecure
Member 20th Dec, 2008 01:29
Score: 1
Posts: 8
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
 I tried updating from 4.1.7 and it seemed to update fine and the WinSCP program works good too. BUT, now PSI 1.0.0.3 (after a full scan) only detected the removal of the 4.1.7 version and did not detect the new version at all. It is installed in the default location on my Windows XP SP3 system.
Was this reply relevant?
+0
-0
daytrader RE: WinSCP 4.1.8 (current version) reported as old/insecure
Member 4th Jul, 2009 02:19
Score: 0
Posts: 13
User Since: 19th Dec 2008
System Score: N/A
Location: N/A
 I now have Secunia 1.5 and WinSCP 4.1.9 -- the current version as I write this. WinSCP still shows up as insecure. The download offered by Secunia PSI is to a very old version, 4.0.4 -- the same version that the previous Secunia PSI platform erroneously offered for download.

Other than this false negative and one other program, I have no fixable vulnerabilities shown. I'm at 99%. Would like Secunia to address this one, please.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom
 
© 2002-2013 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability