CVE-2011-4607

PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory...

CVE-2011-4607

PuTTY 0.59–0.61 is affected by an information-disclosure issue: sensitive memory may not be cleared during keyboard-interactive authentication, potentially allowing a local attacker to read login passwords from the process memory. Sources confirm the affected versions and local-impact disclosure....

KLA11441 OSI vulnerability in PuTTy

A buffer overflow vulnerability was found in PuTTY. Malicious users can exploit this vulnerability locally to obtain sensitive information. Original advisories PuTTY vulnerability password-not-wiped Related products PuTTY CVE list CVE-2011-4607 warning Solution Update to the latest version Downlo...

PuTTY Password Local Information Disclosure

The remote host has an installation of PuTTY between 0.59 and 0.61, inclusive. Such versions are known to contain an information disclosure issue, where PuTTY neglects to wipe passwords from memory that it no longer requires. Note that to exploit this vulnerability, a malicious, local process mus...