PuTTY vulnerability vuln-sshredder
This is a mirror. The primary PuTTY web site can be found
here.
Home |
Licence |
FAQ |
Docs |
Download |
Keys |
Links
Mirrors |
Updates |
Feedback |
Changes |
Wishlist |
Team
summary: SSHredder test suite vulnerabilities (CERT CA-2002-36)
class: vulnerability: This is a security vulnerability.
difficulty: fun: Just needs tuits, and not many of them.
priority: high: This should be fixed in the next release.
present-in: 0.53
fixed-in: 0.53b 2002-11-09 (0.54) (0.55) (0.56) (0.57) (0.58) (0.59) (0.60)
PuTTY 0.53 and earlier are vulnerable to the attack described in
CERT advisory
CA-2002-36
"Multiple Vulnerabilities in SSH Implementations" (also
VU#389665). This
vulnerability is believed to be fixed in 0.53b (released Nov 12, 2002).
Certain well-chosen malformed or unusual packets can lead to
remote code execution attacks. See the
Rapid7 advisory
and their
SSHredder
test suite for details.
I-Proyectos has released a proof-of-concept
exploit
to BugTraq.
CVE have assigned the following
candidate IDs to the vulnerabilities tested for by SSHredder:
(I haven't checked which of these PuTTY was actually vulnerable to).
Audit trail for this vulnerability.
If you want to comment on this web site, see the
Feedback page.
(last revision of this bug record was at 2004-11-16 15:27:00 +0000)
mirror powered by triplemind.com - Web directory, Ferienwohnung Berlin, Last Minute Reisen, Language schools in Spain, Pension Dresden Hotel, Markisen Sonnenschutz Plissees, Kreuzfahrten, Routenplaner, Sofort online, Fliegen, Ferienwohnung Harz, Newsletter Software, Ferienhäuser, weltweit Sprachreisen, Webdesign Homepage erstellen, Wellness Bayern Bewerbung Geld verdienen