Page 2 of 18 results (0.003 seconds)

CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. PuTTY versiones anteriores a 0.73, podría permitir que los servidores remotos SSH-1 causen una denegación de servicio mediante el acceso a ubicaciones de memoria liberadas por medio de un mensaje SSH1_MSG_DISCONNECT. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html https://security.netapp.com/advisory/ntap-20191127-0003 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. Existe el reciclado potencial de números aleatorios empleados en criptografía en PuTTY, en versiones anteriores a la 0.71. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html http://www.securityfocus.com/bid/107523 https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES https://seclists.org&#x • CWE-330: Use of Insufficiently Random Values •

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0

Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71. Existen múltiples ataques de denegación de servicio (DoS) que pueden desencadenarse escribiendo en la terminal en PuTTY, en versiones anteriores a la 0.71. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES https://seclists.org/bugtraq/2019/Apr/6 https://security. •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable. En PuTTY, en versiones anteriores a la 0.71 en Windows, los atacantes locales podrían secuestrar la aplicación colocando un archivo de ayuda malicioso en el mismo directorio que el ejecutable. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html https://security.netapp.com/advisory/ntap-20190404-0001 https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html • CWE-427: Uncontrolled Search Path Element •

CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0

In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. En PuTTY, en versiones anteriores a la 0.71 en Unix, existe un desbordamiento de búfer desencadenable remotamente en cualquier tipo de redirección servidor-a-cliente. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES https://seclists.org/bugtraq/2019/Apr/6 https://security.netapp.com/advisory/ntap-20190404-0001 https://www.chiark.greenend.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •