CVE-2006-7162

PuTTY 0.59 and earlier is affected by weak file permissions on (1) ppk files containing private keys and (2) session logs, enabling local users to read sensitive information. The connected Red Hat, Ubuntu, Debian, OSV, and CVE aggregations confirm the same issue across multiple sources. Root caus...

CVE-2006-7162

PuTTY 0.59 and earlier uses weak file permissions for 1 ppk files containing private keys generated by puttygen and 2 session logs created by putty, which allows local users to gain sensitive information by reading these files...

CVE-2006-7162

PuTTY 0.59 and earlier uses weak file permissions for 1 ppk files containing private keys generated by puttygen and 2 session logs created by putty, which allows local users to gain sensitive information by reading these files...

PuTTY Buffer Overflow

This module exploits a buffer overflow in the PuTTY SSH client that is triggered through a validation error in SSH.c. This vulnerability affects versions 0.53 and earlier. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...

Encryption Private Key Detection (PuTTY)

Binary data 3776.prm...

Encryption Private Key Detection (PuTTY)

Binary data 3777.prm...

PuTTy.exe 0.53 - Validation Remote Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

PuTTy.exe <= 0.53 (validation) Remote Buffer Overflow Expl (meta)

Exploit for unknown platform in category remote exploits ==================================================================== PuTTy.exe 'PuTTy.exe '$Revision: 1.1 $', 'Authors' = 'y0 at w00t-shell.net' , 'Description' = Pex::Text::Freeformqq This module exploits a buffer overflow in the PuTTY SSH...

PuTTy.exe 0.53 - Validation Remote Buffer Overflow (Metasploit)

PuTTy.exe 0.53 - Validation Remote Buffer Overflow Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core...

PuTTY SSH2 Authentication Password Persistence Weakness

PuTTY does not safely handle password information. Copyright C 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...

PuTTY window title escape character arbitrary command execution

PuTTY is prone to an arbitrary code execution vulnerability. Copyright C 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PuTTY window title escape character arbitrary command execution

PuTTY is a free SSH client. This version contains a flaw that may allow a malicious user to insert arbitrary commands and execute them. The issue is triggered when an attacker sends commands, preceded by terminal emulator escape sequences. It is possible that the flaw may allow arbitrary code...

FreeBSD : putty -- pscp/psftp heap corruption vulnerabilities (a413ed94-836e-11d9-a9e7-0001020eed82)

Simon Tatham reports : This version fixes a security hole in previous versions of PuTTY, which can allow a malicious SFTP server to attack your client. If you use either PSCP or PSFTP, you should upgrade. Users of the main PuTTY program are not affected. However, note that the server must have...

FreeBSD : putty (1624)

The following package needs to be updated: putty %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques Vidrine and contributors Redistribution and use in source VuXML and 'compiled' forms SGML, HTML, PDF, PostScrip...

iDEFENSE Security Advisory 02.21.05: Multiple PuTTY SFTP Client Packet Parsing Integer Overflow Vulnerabilities

Multiple PuTTY SFTP Client Packet Parsing Integer Overflow Vulnerabilities iDEFENSE Security Advisory 02.21.05: www.idefense.com/application/poi/display?id=201&type=vulnerabilities February 21, 2005 I. BACKGROUND PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along...

GLSA-200502-28 : PuTTY: Remote code execution

The remote host is affected by the vulnerability described in GLSA-200502-28 PuTTY: Remote code execution Two vulnerabilities have been discovered in the PSCP and PSFTP clients, which can be triggered by the SFTP server itself. These issues are caused by the improper handling of the FXPREADDIR...

PuTTY SSH client integer overflow

Integer overflow in SFTP SSH File Transfer Protocol implementation...

PuTTY < 0.57 SFTP Remote Buffer Overflow

Binary data 2637.prm...

CVE-2005-0467

CVE-2005-0467 affects PuTTY PSFTP/PSCP clients (up to and including 0.56; possibly earlier) via two heap-corruption vulnerabilities: improper handling in sftp_pkt_getstring and fxp_readdir_recv that can enable remote code execution when interacting with a malicious SFTP server. A patch/mitigation...

CVE-2005-0467

Multiple integer overflows in the 1 sftppktgetstring and 2 fxpreaddirrecv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been...