883 matches found
putty -- pscp/psftp heap corruption vulnerabilities
Simon Tatham reports: This version fixes a security hole in previous versions of PuTTY, which can allow a malicious SFTP server to attack your client. If you use either PSCP or PSFTP, you should upgrade. Users of the main PuTTY program are not affected. However, note that the server must have...
CVE-2004-1440
Summary: CVE-2004-1440 affects PuTTY before 0.55. The modpow function suffers heap-based buffer overflows that allow remote attackers to execute arbitrary code via a crafted SSH2 packet (base argument larger than mod argument). A second impact is a possible denial of service (client crash) and ar...
CVE-2004-1440
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...
CVE-2004-1440
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...
DEBIAN-CVE-2004-1008
Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...
CVE-2004-1008
Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...
[SA13678] PuTTY for Symbian OS "SSH2_MSG_DEBUG" Buffer Overflow
TITLE: PuTTY for Symbian OS "SSH2MSGDEBUG" Buffer Overflow SECUNIA ADVISORY ID: SA13678 VERIFY ADVISORY: http://secunia.com/advisories/13678/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: PuTTY for Symbian OS 1.x http://secunia.com/product/4476/ DESCRIPTION: A...
PuTTY for Symbian OS "SSH2_MSG_DEBUG" Buffer Overflow
No description provided...
DEBIAN-CVE-2004-1440
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...
CVE-2004-1440
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...
CVE-2004-1440
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...
CVE-2004-1008
Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...
CVE-2004-1008
CVE-2004-1008 affects PuTTY prior to 0.56. An integer signedness error in the ssh2_rdpkt function allows an attacker to trigger a buffer overflow via a crafted SSH2_MSG_DEBUG packet (modified stringlen). This enables remote code execution. Remediation: upgrade PuTTY to 0.56 or newer (patched vers...
CVE-2004-1008
Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...
FreeBSD : putty -- buffer overflow vulnerability in ssh2 support (159)
The following package needs to be updated: putty %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg19518d222d0511d989430050fc56d258.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...
PuTTY SSH2 buffer overflow
Buffer overflow on SSH2MSGDEBUG packet processing...
PuTTY < 0.56 Remote SSH2_MSG_DEBUG Buffer Overflow
Binary data 2371.prm...
GLSA-200410-29 : PuTTY: Pre-authentication buffer overflow
The remote host is affected by the vulnerability described in GLSA-200410-29 PuTTY: Pre-authentication buffer overflow PuTTY fails to do proper bounds checking on SSH2MSGDEBUG packets. The 'stringlen' parameter value is incorrectly checked due to signedness issues. Note that this vulnerability is...
iDEFENSE Security Advisory 10.27.04 - PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability
PuTTY SSH2MSGDEBUG Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.27.04 www.idefense.com/application/poi/display?id=155&type=vulnerabilities October 27, 2004 I. BACKGROUND PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal...
PuTTY: Pre-authentication buffer overflow
Background PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. Description PuTTY fails to do proper bounds checking on SSH2MSGDEBUG packets. The "stringlen" parameter value is incorrectly checked due to signedness issues. Note that...