7 matches found
[SECURITY] [DLA 3794-1] putty security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3794-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès April 25, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5588-1] putty security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5588-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 24, 2023 https://www.debian.org/security/faq -...
CVE-2021-36367
creationtimestamp| type| source ---|---|--- 2021-07-10 00:15:11+00:00| seen| https://t.me/cibsecurity/26046...
CVE-2021-36367
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...
CVE-2021-36367
PuTTY prior to 0.76 proceeds with an SSH session even if no substantive authentication has been sent, enabling a remote, attacker‑controlled SSH server to later present spoofed authentication prompts and capture credentials. Upstream fixes exist in 0.76+; Debian/DLA advisories note patches in new...
CVE-2021-36367
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...
CVE-2021-36367
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...