Download
| Alert*
|
oval:org.secpod.oval:def:108501
Putty is a SSH, Telnet & Rlogin client - this time for Linux. oval:org.secpod.oval:def:601981 Patrick Coleman discovered that the Putty SSH client failed to wipe out unused sensitive memory. In addition Florent Daigniere discovered that exponential values in Diffie Hellman exchanges were insufficienty restricted. oval:org.secpod.oval:def:33712 The host is installed with PuTTY 0.51 through 0.63 and is prone to an information disclosure vulnerability. The flaw is present in the (1) ssh2_load_userkey and (2) ssh2_save_userkey functions, which do not properly wipe SSH-2 private keys from memory. Successful exploitation allows local users to o ... oval:org.secpod.oval:def:108497 Putty is a SSH, Telnet & Rlogin client - this time for Linux. |
