Page 6 of 34 results (0.005 seconds)

CVSS: 7.5EPSS: 8%CPEs: 8EXPL: 0

Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, and (2) remote malicious servers to cause a denial of service (client crash) and possibly execute arbitrary code via a large bignum during authentication. • http://marc.info/?l=bugtraq&m=109167869528138&w=2 http://secunia.com/advisories/12212 http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml http://www.securityfocus.com/bid/10850 https://exchange.xforce.ibmcloud.com/vulnerabilities/16885 •

CVSS: 10.0EPSS: 12%CPEs: 10EXPL: 0

Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow. Error de falta de signo en enteros en la función ssh2_rdpkt en PuTTY anteriores a 0.56 permite a atacantes remotos ejecutar código de su elección mediante un paquete SSH2_MSG_DEBUG con un parámetro stringlen modificado, lo que conduce a un desbordamiento de búfer. • http://marc.info/?l=bugtraq&m=109889312917613&w=2 http://secunia.com/advisories/12987 http://secunia.com/advisories/13012 http://secunia.com/advisories/17214 http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414 http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416 http://www.chiark.greenend.org.uk/~sgtatham/putty http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true ht •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html http://marc.info/?l=bugtraq&m=104612710031920&w=2 http://www.iss.net/security_center/static/11414.php http://www.osvdb.org/8347 •

CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0

PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. PuTTy 0.53b y anteriores no borran los credenciales de inicio de sesión de memoria, incluyendo contraseñas en texto plano, lo que podría permitir a atacantes con acceso a memoria robar los credenciales SSH. • http://marc.info/?l=bugtraq&m=104386492422014&w=2 http://www.idefense.com/advisory/01.28.03.txt http://www.securityfocus.com/bid/6724 http://www.securitytracker.com/id?1006014 •

CVSS: 10.0EPSS: 4%CPEs: 16EXPL: 0

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721 • CWE-20: Improper Input Validation •