4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.021 Low
EPSS
Percentile
89.3%
It was discovered that PuTTY’s terminal emulator did not properly
validate the parameter to the ECH (erase characters) control sequence,
allowing a denial of service and possibly remote code execution.
For the oldoldstable distribution (squeeze), this problem has been
fixed in version 0.60+2010-02-20-1+squeeze4.
For the oldstable (wheezy) and stable (jessie) distributions, this
problem will be fixed soon.
CPE | Name | Operator | Version |
---|---|---|---|
putty | eq | 0.60+2010-02-20-1+squeeze3 | |
putty | eq | 0.60+2010-02-20-1+squeeze1 | |
putty | eq | 0.60+2010-02-20-1 | |
putty | eq | 0.60+2010-02-20-1+squeeze2 |