SCP transfers to Cisco devices are broken since SCP fixes (likely in 0.9.3 and 0.8.8)

CVE-2019-14889 and SSH-01-008 in 2019 [1] addressed the SCP protocol vulnerabilities that could cause arbitrary command execution (due to the way the SCP protocol is (mis)defined). The guardrails and sanitization were built around what UNIX paths look like. But it turns out Cisco or some non-UNIX systems have odd paths that we did not account for and that are malformed by the sanitization.

This is a problem for Ansible, which is used to manage Cisco devices and transfer something to paths like bootflash:/c8000v-universalk9.17.12.05a.SPA.bin.

This was brought up in the pylibssh issue [2] so mirroring/cross-referencing it here.

[1] https://www.libssh.org/2019/12/10/libssh-0-9-3-and-libssh-0-8-8-security-release/

[2] https://github.com/ansible/pylibssh/issues/673
