Lucene search
K

883 matches found

FreeBSD
FreeBSD
added 2005/02/20 12:0 a.m.30 views

putty -- pscp/psftp heap corruption vulnerabilities

Simon Tatham reports: This version fixes a security hole in previous versions of PuTTY, which can allow a malicious SFTP server to attack your client. If you use either PSCP or PSFTP, you should upgrade. Users of the main PuTTY program are not affected. However, note that the server must have...

7.5CVSS6.1AI score0.04041EPSS
Exploits0References4
CVE
CVE
added 2005/02/13 5:0 a.m.50 views

CVE-2004-1440

Summary: CVE-2004-1440 affects PuTTY before 0.55. The modpow function suffers heap-based buffer overflows that allow remote attackers to execute arbitrary code via a crafted SSH2 packet (base argument larger than mod argument). A second impact is a possible denial of service (client crash) and ar...

7.5CVSS7.9AI score0.04114EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2005/02/13 5:0 a.m.17 views

CVE-2004-1440

Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...

7.8AI score0.04114EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2005/02/13 5:0 a.m.26 views

CVE-2004-1440

Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...

7.5CVSS7.6AI score0.04114EPSS
Exploits0
OSV
OSV
added 2005/01/10 5:0 a.m.1 views

DEBIAN-CVE-2004-1008

Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...

10CVSS7.8AI score0.07363EPSS
Exploits0References1
OSV
OSV
added 2005/01/10 5:0 a.m.6 views

CVE-2004-1008

Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...

8AI score
Exploits0References13
securityvulns
securityvulns
added 2005/01/06 12:0 a.m.25 views

[SA13678] PuTTY for Symbian OS "SSH2_MSG_DEBUG" Buffer Overflow

TITLE: PuTTY for Symbian OS "SSH2MSGDEBUG" Buffer Overflow SECUNIA ADVISORY ID: SA13678 VERIFY ADVISORY: http://secunia.com/advisories/13678/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: PuTTY for Symbian OS 1.x http://secunia.com/product/4476/ DESCRIPTION: A...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2005/01/06 12:0 a.m.33 views

PuTTY for Symbian OS "SSH2_MSG_DEBUG" Buffer Overflow

No description provided...

3.7AI score
Exploits0References1
OSV
OSV
added 2004/12/31 5:0 a.m.1 views

DEBIAN-CVE-2004-1440

Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...

7.5CVSS8.2AI score0.04114EPSS
Exploits0References1
OSV
OSV
added 2004/12/31 5:0 a.m.6 views

CVE-2004-1440

Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...

8.2AI score
Exploits0References7
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-1440

Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow 1 remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, an...

7.5CVSS7.9AI score0.04114EPSS
Exploits0References7
Cvelist
Cvelist
added 2004/12/01 5:0 a.m.32 views

CVE-2004-1008

Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...

7.6AI score0.07363EPSS
Exploits0References11
CVE
CVE
added 2004/12/01 5:0 a.m.80 views

CVE-2004-1008

CVE-2004-1008 affects PuTTY prior to 0.56. An integer signedness error in the ssh2_rdpkt function allows an attacker to trigger a buffer overflow via a crafted SSH2_MSG_DEBUG packet (modified stringlen). This enables remote code execution. Remediation: upgrade PuTTY to 0.56 or newer (patched vers...

10CVSS7.6AI score0.07363EPSS
Exploits0References11Affected Software2
Debian CVE
Debian CVE
added 2004/12/01 5:0 a.m.38 views

CVE-2004-1008

Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...

10CVSS7.5AI score0.07363EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/11/23 12:0 a.m.13 views

FreeBSD : putty -- buffer overflow vulnerability in ssh2 support (159)

The following package needs to be updated: putty %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg19518d222d0511d989430050fc56d258.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

0.3AI score
Exploits0References11
securityvulns
securityvulns
added 2004/10/30 12:0 a.m.34 views

PuTTY SSH2 buffer overflow

Buffer overflow on SSH2MSGDEBUG packet processing...

4.7AI score
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2004/10/28 12:0 a.m.11 views

PuTTY < 0.56 Remote SSH2_MSG_DEBUG Buffer Overflow

Binary data 2371.prm...

10CVSS7.3AI score0.07363EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/10/28 12:0 a.m.37 views

GLSA-200410-29 : PuTTY: Pre-authentication buffer overflow

The remote host is affected by the vulnerability described in GLSA-200410-29 PuTTY: Pre-authentication buffer overflow PuTTY fails to do proper bounds checking on SSH2MSGDEBUG packets. The 'stringlen' parameter value is incorrectly checked due to signedness issues. Note that this vulnerability is...

10CVSS6.3AI score0.07363EPSS
Exploits0References4
securityvulns
securityvulns
added 2004/10/28 12:0 a.m.31 views

iDEFENSE Security Advisory 10.27.04 - PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability

PuTTY SSH2MSGDEBUG Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.27.04 www.idefense.com/application/poi/display?id=155&type=vulnerabilities October 27, 2004 I. BACKGROUND PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal...

0.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/10/27 12:0 a.m.28 views

PuTTY: Pre-authentication buffer overflow

Background PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. Description PuTTY fails to do proper bounds checking on SSH2MSGDEBUG packets. The "stringlen" parameter value is incorrectly checked due to signedness issues. Note that...

10CVSS7.2AI score0.07363EPSS
Exploits0
Rows per page
Query Builder