Get our new Windows 7 eBook (PDF) for $7 with 70+ Tips. Download Now!

PuTTY Two Integer Overflow Vulnerabilities

Saturday, March 5th, 2005
by Marc Erickson

No Related Post

“Secunia Advisory: SA14333

Critical: Moderately critical

Impact: System access

Where: From remote

Solution Status: Vendor Patch

Software: PuTTY 0.x

Ga�l Delalleau has reported two vulnerabilities in PuTTY, which can be exploited by malicious people to compromise a user’s system.

1) An integer overflow in the “fxp_readdir_recv()” function in “sftp.c” can be exploited to execute arbitrary code via a malicious SFTP (SSH File Transfer Protocol) server sending a specially crafted respond to the “FXP_READDIR” command.

2) An integer overflow in the “fxp_open_recv()” function in “sftp.c” can be exploited to execute arbitrary code via a malicious SFTP server sending a specially crafted string field.

NOTE: Successful exploitation is only possible after host key verification.

The vulnerabilities have been reported in versions prior to 0.57.

Solution: Update to version 0.57.
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html“

Full article: Secunia Advisory: SA14333

Tags

Categories

Technology

What Do You Think?

Posted Recently

Shifting Blame Is Socially Contagious

Sustainable Food Production Isn’t So Sustainable

Developing ‘Green’ Tires That Boost Mileage And Cut Carbon Dioxide Emissions

Researchers Create ‘Fly Paper’ To Capture Circulating Cancer Cells

UCLA Study Shows Brain’s Ability To Reorganize

New Research Helps Explain Why Bird Flu Has Not Caused A Pandemic

Better Way To Harness Waste Heat

Five Exercises Can Reduce Neck, Shoulder Pain Of Women Office Workers

UT’s Kraken Named World’s Third Fastest Computer, ORNL’s Jaguar Is #1

Tiny Bubbles Clean Oil From Water

Warmer Means Windier On World’s Biggest Lake

Researchers Find Potential Treatment For Huntington’s Disease

Transcendental Meditation Helped Heart Disease Patients Lower Cardiac Disease Risks By 50%

Record Highs Far Outpace Record Lows Across US

Mystery Contemplated By Charles Darwin Solved

Study Offers Tips On Taming The Boogie Monster

Sponges Recycle Carbon To Give Life To Coral Reefs

Pushing Light Beyond Its Known Limits

Researchers Turn Algae Into High-Temperature Hydrogen Source

To Make Memories, New Neurons Must Erase Older Ones

Faulty Body Clock May Make Kids Bipolar

Energy-Saving Powder

Drug Industry, Nonprofits Join Forces To Fight World’s Neglected Diseases

Ice Cream Researchers Making Sweet Strides With ‘Functional Foods’

Remains Of Minoan-Style Painting Discovered During Excavations Of Canaanite Palace

Improvements Proposed For Electronic Voting By Internet

Rutgers Computer Scientists Work To Strengthen Online Security

Yoga Boosts Heart Health

Darwin Meets Facebook

Researchers Find New Way To Spot Fraud

1930s Drug Slows Tumor Growth

Past Climate Of Antarctica Informs Global Warming Debate

58% Of U.S. Doctors Report Patients Have Difficulty Paying

Atlanta’s Fernbank Museum Tracks Infamous Conquistador Through Southeast

Oral Contraceptives May Benefit Women With Asthma

New Evidence Supports 19th Century Idea On Formation Of Oil And Gas

Internet Search Process Affects Cognition, Emotion

Quantum Gas Microscope Offers Glimpse Of Quirky Ultracold Atoms

‘The Eyes Have It’ For ID Verification

Research Leads To Improved Human, Object Detection Technology

35 queries / 0.577 seconds.