Download
| Alert*
|
oval:org.secpod.oval:def:105840
Putty is a SSH, Telnet & Rlogin client - this time for Linux. oval:org.secpod.oval:def:16587 The host is installed with PuTTY before 0.63 and is prone to buffer underflow vulnerability. The flaw is present in the modmul function in sshbn.c in PuTTY, which is not properly handled when performing certain bit-shifting operations during modular multiplication. Successful exploitation allows rem ... oval:org.secpod.oval:def:16588 The host is installed with PuTTY before 0.63 and is prone to buffer overflow vulnerability. The flaw is present in the application, which is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality. Successful exploi ... oval:org.secpod.oval:def:16589 The host is installed with PuTTY before 0.63 and is prone to information disclosure vulnerability. The flaw is present in the rsa_verify function in PuTTY, which does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory. Successful ... oval:org.secpod.oval:def:33712 The host is installed with PuTTY 0.51 through 0.63 and is prone to an information disclosure vulnerability. The flaw is present in the (1) ssh2_load_userkey and (2) ssh2_save_userkey functions, which do not properly wipe SSH-2 private keys from memory. Successful exploitation allows local users to o ... oval:org.secpod.oval:def:15942 The host is installed with WinSCP before 5.1.6 or PuTTY 0.62 and earlier and is prone to an integer overflow vulnerability. The flaw is present in the application, which fails to handle a negative size value in an RSA key signature during the SSH handshake. Successful exploitation could allow attack ... |
