E-Mail:

PuTTY Two Integer Overflow Vulnerabilities

Secunia Advisory: SA14333

Critical: Moderately critical

Impact: System access

Where: From remote

Solution Status: Vendor Patch

Software: PuTTY 0.x

Gaël Delalleau has reported two vulnerabilities in PuTTY, which can be exploited by malicious people to compromise a user’s system.

1) An integer overflow in the “fxp_readdir_recv()” function in “sftp.c” can be exploited to execute arbitrary code via a malicious SFTP (SSH File Transfer Protocol) server sending a specially crafted respond to the “FXP_READDIR” command.

2) An integer overflow in the “fxp_open_recv()” function in “sftp.c” can be exploited to execute arbitrary code via a malicious SFTP server sending a specially crafted string field.

NOTE: Successful exploitation is only possible after host key verification.

The vulnerabilities have been reported in versions prior to 0.57.

Solution: Update to version 0.57.
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Full article: Secunia Advisory: SA14333

What Do You Think?

 

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense your hard-earned information back to the community, get involved in our community site today! You can write about anything - no matter the topic. Exceptional candidates will be offered the chance to contribute to (and generate revenue from) the main Lockergnome site. Join us today!

65 queries / 0.182 seconds.