info
discussion
exploit
solution
references
WinSCP SSH2 Authentication Password Persistence Weakness
It has been reported that WinSCP does not safely handle password information. As a result, a local user may be able to recover authentication passwords.
Privacy Statement
Copyright 2010, SecurityFocus