Topic "WinSCP 5.7.6/OpenSSL 1.0.1p Susceptible to DROWN???? CVE-2016-0800"

Author Message


Is WinSCP 5.7.6 which uses OpenSSL 1.0.1p Susceptible to the DROWN Vulnerability called out in CVE-2016-0800?
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26299
Location: Prague, Czechia
WinSCP does not support SSL 2.0 since version 4.3. So I believe it makes it immune to the DROWN.
Though the vulnerability is not described in detail from a client point of view.

You can post new topics in this forum

Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!


About donations

$9   $19   $49   $99

About donations


WinSCP Privacy Policy

WinSCP License