PT-2020-13830 · Simon Tatham +1 · Putty +1

Name of the Vulnerable Software and Affected Versions: PuTTY versions 0.68 through 0.73 Description: The issue allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client, due to an Observable Discrepancy leading to an...

Qemu: qemu-nbd crashes due to undefined I/O coroutine

An assertion-failure flaw was found in the Network Block Device NBD server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to...

PT-2017-3734 · Qemu +1 · Qemu +2

Name of the Vulnerable Software and Affected Versions: Qemu versions prior to 2.10.1 Qemu-NBD affected versions not specified Description: The issue is related to errors during connection establishment in the Qemu-NBD hardware emulator server. It can be exploited by a remote attacker to cause a...