Tracker »
Issue 1459 »
Issue activity log
| 2016-09-12 14:45 | Created | DLL hijacking protection |
| Component | General | |
| Severity | Enhancement | |
| Comment | PuTTY Commit 9398d230 | |
| Comment | https://winscp.net/forum/viewtopic.php?t=23717 | |
| Comment | Implemented. | |
| Implemented in | 5.10 | |
| Status | RESOLVED | |
| Resolution | FIXED | |
| 2017-07-10 21:45 | Comment | https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack.html https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-2.html https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html |
| 2017-07-10 21:46 | Comment | Further improved in 5.10.3 and 5.9.7. |
| 2022-08-06 18:11 | Comment | Further improved in 5.21.2. |
| 2022-10-06 11:21 | Comment | Further improved in WinSCP 5.10.3 and WinSCP 5.9.7. |
| Comment | Further improved in WinSCP 5.21.2. | |
| 2023-09-26 14:26 | Comment | https://git.tartarus.org/?p=simon/putty.git;a=commit;h=9398d230339d5bfaa94093af89a17abf33b5dfad https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack.html |
| 2023-09-26 14:30 | Comment | Further improved in WinSCP 5.10.3 ([[https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html|vuln-indirect-dll-hijack-3]] and WinSCP 5.9.7. |
| 2023-09-26 14:31 | Comment | Further improved in WinSCP 5.10.3 (and WinSCP 5[.[9.7. https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html|vuln-indirect-dll-hijack-3]] and WinSCP 5.9.7. |
| 2023-09-26 14:32 | Comment | Further improved in WinSCP 5.10.3 and WinSCP 5.9.7. https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html|vuln-indirect-dll-hijack-3 |
| Comment | https://git.tartarus.org/?p=simon/putty.git;a=commit;h=9398d230339d5bfaa94093af89a17abf33b5dfad https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack.html | |
| Comment | https://git.tartarus.org/?p=simon/putty.git;a=commit;h=9398d230339d5bfaa94093af89a17abf33b5dfad https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack.html | |
| 2023-09-26 14:33 | Comment | Further improved in WinSCP 5.10.3 9.7 https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-2.html and WinSCP 5.9.7.10.3 https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html |
| Comment | Further improved in WinSCP 5.9.7: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-2.html and WinSCP 5.10.3: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html | |
| 2023-09-26 14:36 | Comment | Further improved in WinSCP 5.9.7: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-2.html 10.3 and WinSCP 5.10.39.7: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html |
| 2023-09-26 14:37 | Comment | Further improved in WinSCP 5.10.3 and WinSCP 5.9.7: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html |
| 2023-09-26 14:43 | Comment | Further improvedActually implemented only in WinSCP 5.21.2.: https://github.com/winscp/winscp/commit/96b856dac0a18f08484d70aa4999dc5984c921f6 |
| Implemented in | 5.10 → 5.21.2 | |
| 2023-09-26 14:44 | Comment | httpsThis related PuTTY change is not relevant for WinSCP://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack.html· https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-2.html· https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-indirect-dll-hijack-3.html |
| 2023-09-27 09:22 | Comment | Follow-up Issue 2223. |
| 2024-03-25 08:19 | Comment | https://www.exploitalert.com/view-details./htmlwinscp?-iddll=-hijacking-exploit-shcore-24734dll |
| 2024-06-10 11:06 | Comment | https://exploitalert.com/view-details/winscp-dll-hijacking-exploit-shcore-dll |