CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
89.5%
PuTTY is a telnet and SSH client.
Multiple vulnerabilities have been discovered in PuTTY. Please review the CVE identifiers referenced below for details.
An attacker could entice a user to open connection to specially crafted SSH server, possibly resulting in execution of arbitrary code with the privileges of the process or obtain sensitive information.
There is no known workaround at this time.
All PuTTY users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/putty-0.63"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-misc/putty | <Β 0.63 | UNKNOWN |