Vulnerabilites related to simon_tatham - putty
cve-2013-4206
Vulnerability from cvelistv5
Published
2013-08-19 23:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/08/06/11 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/54533 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html | x_refsource_CONFIRM | |
| http://www.debian.org/security/2013/dsa-2736 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html | vendor-advisory, x_refsource_SUSE | |
| http://secunia.com/advisories/54379 | third-party-advisory, x_refsource_SECUNIA | |
| http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54533"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html"
},
{
"name": "DSA-2736",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54379"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date\u0026r1=9977\u0026r2=9976\u0026pathrev=9977"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-30T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54533"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html"
},
{
"name": "DSA-2736",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54379"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date\u0026r1=9977\u0026r2=9976\u0026pathrev=9977"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54533"
},
{
"name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html",
"refsource": "CONFIRM",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html"
},
{
"name": "DSA-2736",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54379"
},
{
"name": "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date\u0026r1=9977\u0026r2=9976\u0026pathrev=9977",
"refsource": "CONFIRM",
"url": "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date\u0026r1=9977\u0026r2=9976\u0026pathrev=9977"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4206",
"datePublished": "2013-08-19T23:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2563
Vulnerability from cvelistv5
Published
2016-04-07 23:00
Modified
2024-08-05 23:32
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securitytracker.com/id/1035257 | vdb-entry, x_refsource_SECTRACK | |
| https://security.gentoo.org/glsa/201606-01 | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/84296 | vdb-entry, x_refsource_BID | |
| http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html | x_refsource_CONFIRM | |
| https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/Mar/22 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:32:20.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1453",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html"
},
{
"name": "1035257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035257"
},
{
"name": "GLSA-201606-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-01"
},
{
"name": "84296",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/84296"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563"
},
{
"name": "20160309 CVE-2016-2563 - PuTTY/PSCP \u003c=0.66 buffer overflow - vuln-pscp-sink-sscanf",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-30T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2016:1453",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html"
},
{
"name": "1035257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035257"
},
{
"name": "GLSA-201606-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-01"
},
{
"name": "84296",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/84296"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563"
},
{
"name": "20160309 CVE-2016-2563 - PuTTY/PSCP \u003c=0.66 buffer overflow - vuln-pscp-sink-sscanf",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/22"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1453",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html"
},
{
"name": "1035257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035257"
},
{
"name": "GLSA-201606-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-01"
},
{
"name": "84296",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84296"
},
{
"name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html",
"refsource": "CONFIRM",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html"
},
{
"name": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563",
"refsource": "MISC",
"url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563"
},
{
"name": "20160309 CVE-2016-2563 - PuTTY/PSCP \u003c=0.66 buffer overflow - vuln-pscp-sink-sscanf",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Mar/22"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2563",
"datePublished": "2016-04-07T23:00:00",
"dateReserved": "2016-02-25T00:00:00",
"dateUpdated": "2024-08-05T23:32:20.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4207
Vulnerability from cvelistv5
Published
2013-08-19 23:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/08/06/11 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/54533 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.debian.org/security/2013/dsa-2736 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html | vendor-advisory, x_refsource_SUSE | |
| http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/54379 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54533"
},
{
"name": "DSA-2736",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html"
},
{
"name": "54379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54379"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-30T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54533"
},
{
"name": "DSA-2736",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html"
},
{
"name": "54379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54379"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54533"
},
{
"name": "DSA-2736",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html",
"refsource": "CONFIRM",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html"
},
{
"name": "54379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54379"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4207",
"datePublished": "2013-08-19T23:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4208
Vulnerability from cvelistv5
Published
2013-08-19 23:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2013/08/06/11 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/54533 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html | x_refsource_CONFIRM | |
| http://www.debian.org/security/2013/dsa-2736 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html | vendor-advisory, x_refsource_SUSE | |
| http://secunia.com/advisories/54379 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54533"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html"
},
{
"name": "DSA-2736",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54379"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-30T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54533"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html"
},
{
"name": "DSA-2736",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54379"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"name": "54533",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54533"
},
{
"name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html",
"refsource": "CONFIRM",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html"
},
{
"name": "DSA-2736",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "openSUSE-SU-2013:1347",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54379"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4208",
"datePublished": "2013-08-19T23:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2157
Vulnerability from cvelistv5
Published
2015-03-27 14:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/72825 | vdb-entry, x_refsource_BID | |
| http://www.debian.org/security/2015/dsa-3190 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.openwall.com/lists/oss-security/2015/02/28/4 | mailing-list, x_refsource_MLIST | |
| http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2015/02/28/5 | mailing-list, x_refsource_MLIST | |
| http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:14.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"name": "FEDORA-2015-3160",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html"
},
{
"name": "72825",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72825"
},
{
"name": "DSA-3190",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3190"
},
{
"name": "FEDORA-2015-3070",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html"
},
{
"name": "[oss-security] 20150228 CVE Request: PuTTY fails to clear private key information from memory",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html"
},
{
"name": "[oss-security] 20150228 Re: CVE Request: PuTTY fails to clear private key information from memory",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/5"
},
{
"name": "openSUSE-SU-2015:0474",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html"
},
{
"name": "FEDORA-2015-3204",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-30T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"name": "FEDORA-2015-3160",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html"
},
{
"name": "72825",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72825"
},
{
"name": "DSA-3190",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3190"
},
{
"name": "FEDORA-2015-3070",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html"
},
{
"name": "[oss-security] 20150228 CVE Request: PuTTY fails to clear private key information from memory",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html"
},
{
"name": "[oss-security] 20150228 Re: CVE Request: PuTTY fails to clear private key information from memory",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/5"
},
{
"name": "openSUSE-SU-2015:0474",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html"
},
{
"name": "FEDORA-2015-3204",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"refsource": "CONFIRM",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"name": "FEDORA-2015-3160",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html"
},
{
"name": "72825",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72825"
},
{
"name": "DSA-3190",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3190"
},
{
"name": "FEDORA-2015-3070",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html"
},
{
"name": "[oss-security] 20150228 CVE Request: PuTTY fails to clear private key information from memory",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/4"
},
{
"name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html",
"refsource": "CONFIRM",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html"
},
{
"name": "[oss-security] 20150228 Re: CVE Request: PuTTY fails to clear private key information from memory",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/5"
},
{
"name": "openSUSE-SU-2015:0474",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html"
},
{
"name": "FEDORA-2015-3204",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2157",
"datePublished": "2015-03-27T14:00:00",
"dateReserved": "2015-02-28T00:00:00",
"dateUpdated": "2024-08-06T05:10:14.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-5309
Vulnerability from cvelistv5
Published
2015-12-07 20:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2015/dsa-3409 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.securitytracker.com/id/1034308 | vdb-entry, x_refsource_SECTRACK | |
| http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201606-01 | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:41:09.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3409",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3409"
},
{
"name": "FEDORA-2015-3d17682c15",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html"
},
{
"name": "FEDORA-2015-5ad4a1f151",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html"
},
{
"name": "1034308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034308"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html"
},
{
"name": "GLSA-201606-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-01"
},
{
"name": "openSUSE-SU-2015:2023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-12T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-3409",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3409"
},
{
"name": "FEDORA-2015-3d17682c15",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html"
},
{
"name": "FEDORA-2015-5ad4a1f151",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html"
},
{
"name": "1034308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034308"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html"
},
{
"name": "GLSA-201606-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-01"
},
{
"name": "openSUSE-SU-2015:2023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3409",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3409"
},
{
"name": "FEDORA-2015-3d17682c15",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html"
},
{
"name": "FEDORA-2015-5ad4a1f151",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html"
},
{
"name": "1034308",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034308"
},
{
"name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html",
"refsource": "CONFIRM",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html"
},
{
"name": "GLSA-201606-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-01"
},
{
"name": "openSUSE-SU-2015:2023",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-5309",
"datePublished": "2015-12-07T20:00:00",
"dateReserved": "2015-07-01T00:00:00",
"dateUpdated": "2024-08-06T06:41:09.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4852
Vulnerability from cvelistv5
Published
2013-08-19 23:00
Modified
2024-08-06 16:59
Severity ?
EPSS score ?
Summary
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/54533 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/54517 | third-party-advisory, x_refsource_SECUNIA | |
| http://winscp.net/tracker/show_bug.cgi?id=1017 | x_refsource_MISC | |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779 | x_refsource_CONFIRM | |
| http://www.search-lab.hu/advisories/secadv-20130722 | x_refsource_MISC | |
| http://www.debian.org/security/2013/dsa-2736 | vendor-advisory, x_refsource_DEBIAN | |
| http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896 | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html | vendor-advisory, x_refsource_SUSE | |
| http://secunia.com/advisories/54379 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54533",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54533"
},
{
"name": "54517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54517"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://winscp.net/tracker/show_bug.cgi?id=1017"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.search-lab.hu/advisories/secadv-20130722"
},
{
"name": "DSA-2736",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://svn.tartarus.org/sgt?view=revision\u0026sortby=date\u0026revision=9896"
},
{
"name": "openSUSE-SU-2013:1347",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54379"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html"
},
{
"name": "openSUSE-SU-2013:1355",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-30T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54533",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54533"
},
{
"name": "54517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54517"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://winscp.net/tracker/show_bug.cgi?id=1017"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.search-lab.hu/advisories/secadv-20130722"
},
{
"name": "DSA-2736",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://svn.tartarus.org/sgt?view=revision\u0026sortby=date\u0026revision=9896"
},
{
"name": "openSUSE-SU-2013:1347",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54379"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html"
},
{
"name": "openSUSE-SU-2013:1355",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54533",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54533"
},
{
"name": "54517",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54517"
},
{
"name": "http://winscp.net/tracker/show_bug.cgi?id=1017",
"refsource": "MISC",
"url": "http://winscp.net/tracker/show_bug.cgi?id=1017"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779"
},
{
"name": "http://www.search-lab.hu/advisories/secadv-20130722",
"refsource": "MISC",
"url": "http://www.search-lab.hu/advisories/secadv-20130722"
},
{
"name": "DSA-2736",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"name": "http://svn.tartarus.org/sgt?view=revision\u0026sortby=date\u0026revision=9896",
"refsource": "MISC",
"url": "http://svn.tartarus.org/sgt?view=revision\u0026sortby=date\u0026revision=9896"
},
{
"name": "openSUSE-SU-2013:1347",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"name": "54379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54379"
},
{
"name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html",
"refsource": "CONFIRM",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html"
},
{
"name": "openSUSE-SU-2013:1355",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4852",
"datePublished": "2013-08-19T23:00:00",
"dateReserved": "2013-07-16T00:00:00",
"dateUpdated": "2024-08-06T16:59:40.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-08-19 23:55
Modified
2024-11-21 01:55
Severity ?
Summary
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| putty | putty | 0.45 | |
| putty | putty | 0.46 | |
| putty | putty | 0.47 | |
| putty | putty | 0.48 | |
| putty | putty | 0.49 | |
| putty | putty | 0.50 | |
| putty | putty | 0.51 | |
| putty | putty | 0.52 | |
| putty | putty | 0.53b | |
| putty | putty | 0.54 | |
| putty | putty | 0.55 | |
| putty | putty | 0.56 | |
| putty | putty | 0.57 | |
| putty | putty | 0.58 | |
| putty | putty | 0.59 | |
| putty | putty | 0.60 | |
| putty | putty | 0.61 | |
| putty | putty | 2010-06-01 | |
| simon_tatham | putty | * | |
| simon_tatham | putty | 0.53 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:putty:putty:0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5EB349-B1DF-4CF5-9468-37DC66A929C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CF223411-6FA4-43EC-8668-7DB4A98E4DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E87C56-DFD9-45D9-9169-3BB94F647F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "1283B462-042C-4857-A700-4179AAE20E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "2791C9DD-F55D-4683-85AF-B6814C34EFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "FC082AE0-C49D-4944-BE76-B751DAD1EF84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "23BAD8E4-2D3A-45EE-A25D-77BD698119BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7716EC-E0F9-4E50-8351-35D2F248B380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2BD4D-9817-459E-ACF4-9C95233200A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "22EE5957-76F3-4B20-ADE7-E72D1300A3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "826FA7E4-7F48-4D1C-856C-A965527B0950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "AA54ADC7-2A36-40DA-8219-DAA31509E534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1A14381E-91A1-4902-B409-1281CFA2D561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "8B33EB10-535F-42F2-8F78-CE128A89447C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "5966235B-2F1A-45C5-AF65-99FFFE4725DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:2010-06-01:r8967:*:*:development_snapshot:*:*:*",
"matchCriteriaId": "820B9CC0-2A18-4357-B01F-565A0E35E275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8E4288-5CEA-42F3-BF6A-FE7D78C907C0",
"versionEndIncluding": "0.62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "129133D1-B374-4743-9F52-27D0A9558D17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en la funci\u00f3n modmul en sshbn.c en PuTTY 0.62 y anteriores, permite a servidores SSH remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente causar una corrupci\u00f3n de memoria o ejecuci\u00f3n de c\u00f3digo a trav\u00e9s de una firma DSA manipulada que no es manejada adecuadamente cuando se realizan determinadas operaciones de bit-shifting durante una multiplicaci\u00f3n modular."
}
],
"id": "CVE-2013-4206",
"lastModified": "2024-11-21T01:55:07.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-19T23:55:08.723",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54379"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/54533"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date\u0026r1=9977\u0026r2=9976\u0026pathrev=9977"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date\u0026r1=9977\u0026r2=9976\u0026pathrev=9977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-07 20:59
Modified
2024-11-21 02:32
Severity ?
Summary
Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D5CADD-AE31-4CCD-967F-AAF04CFBDBA6",
"versionEndIncluding": "0.65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en el emulador de terminal en PuTTY en versiones anteriores a 0.66 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una secuencia de escape ECH (borrar caracteres) con un valor de par\u00e1metro grande, que desencadena un desbordamiento inferior de buffer."
}
],
"id": "CVE-2015-5309",
"lastModified": "2024-11-21T02:32:46.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-12-07T20:59:08.060",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2015/dsa-3409"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1034308"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201606-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-01"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-19 23:55
Modified
2024-11-21 01:56
Severity ?
Summary
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "622C1C29-794B-4000-90B0-E2BB65ED0AB2",
"versionEndIncluding": "5.1.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:3.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2E3DFFBF-4E07-4449-A7A0-873DF6A98E21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:3.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89254511-B715-4515-AA6F-86133A2182CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:3.8_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA30CE9-054B-4C5E-BE4E-8F404E3BBD49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D838748A-09CC-4940-829F-910B013A9962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6DD6743-97F5-43AB-8D84-FB3561BDE964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "12FA1BCF-7E92-4C97-9B44-579A28FD1AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3569C249-6505-469C-B44D-9CD44497E153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D0C15244-1AD8-4D82-BAC4-FD77A83FBFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E49405-3C31-488C-8D28-2A417083D07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B148D20-65E9-4C6B-985E-69BC737FC36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "81237965-5289-4784-BCE9-44891036E49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48CCC513-6594-4AD4-BB11-47456767F741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53DAE27A-C884-4619-B9D2-4BB356DD0743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB16665-C7CD-4672-A8DF-CED0267C6909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E4F93A-F40E-4367-ACDA-97190281BED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "058A5223-B23D-483E-89FC-64BAE4E98FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E35FFF50-7989-4749-BE7D-51068B249D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "1993D161-712E-47AE-8402-538273CC21EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "E42F707C-A70C-4EF5-B898-F693B6C586BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "5C8DB53F-739D-4B28-9D16-D6CF4478CAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "C6521E48-0607-4F51-81F4-569DC950F01E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "D8204C5B-23CF-4111-BF98-EB73442CD47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "4100FDCF-087A-44AA-ABA2-C0632FE452F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "F2496D95-22A2-4EA9-A090-45E630D57526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "3C6B9617-B687-4885-8100-2ECBEE1E157A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.8:rc:*:*:*:*:*:*",
"matchCriteriaId": "6D462DB0-E03E-4642-908F-16628FFA68FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.0.9:rc:*:*:*:*:*:*",
"matchCriteriaId": "BB0CE816-3C7B-43CA-A0AB-A011D5B093D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1E6934-4CE0-4DFC-BA3E-67395C04B0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7230D1-2155-456D-B43A-AA66B24912B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A56FBACE-0A1F-4AC3-B306-F8B0E9869BAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE7557D-6BE4-49EA-97C2-011DF8CB6C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winscp:winscp:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0C392415-3564-44E3-82EA-CB3C8DB0BC27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B21E9A8-CE63-42C2-A11A-94D977A96DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:putty:putty:0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5EB349-B1DF-4CF5-9468-37DC66A929C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CF223411-6FA4-43EC-8668-7DB4A98E4DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E87C56-DFD9-45D9-9169-3BB94F647F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "1283B462-042C-4857-A700-4179AAE20E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "2791C9DD-F55D-4683-85AF-B6814C34EFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "FC082AE0-C49D-4944-BE76-B751DAD1EF84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "23BAD8E4-2D3A-45EE-A25D-77BD698119BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7716EC-E0F9-4E50-8351-35D2F248B380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2BD4D-9817-459E-ACF4-9C95233200A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "22EE5957-76F3-4B20-ADE7-E72D1300A3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "826FA7E4-7F48-4D1C-856C-A965527B0950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "AA54ADC7-2A36-40DA-8219-DAA31509E534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1A14381E-91A1-4902-B409-1281CFA2D561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "8B33EB10-535F-42F2-8F78-CE128A89447C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "5966235B-2F1A-45C5-AF65-99FFFE4725DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:2010-06-01:r8967:*:*:development_snapshot:*:*:*",
"matchCriteriaId": "820B9CC0-2A18-4357-B01F-565A0E35E275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8E4288-5CEA-42F3-BF6A-FE7D78C907C0",
"versionEndIncluding": "0.62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "129133D1-B374-4743-9F52-27D0A9558D17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en PuTTY 0.62 y anteriores, WinSCP anterior a 5.1.6, y otros productos que usan PuTTY, permite a servidores SSH remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario en determinadas aplicaciones que utilizan PuTTY a trav\u00e9s de un tama\u00f1o negativo en el valor de la firma en la clave RSA durante el handshake SSH, que provoca un desbordamiento basado en memoria din\u00e1mica."
}
],
"id": "CVE-2013-4852",
"lastModified": "2024-11-21T01:56:32.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-19T23:55:09.077",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54379"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/54517"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/54533"
},
{
"source": "cve@mitre.org",
"url": "http://svn.tartarus.org/sgt?view=revision\u0026sortby=date\u0026revision=9896"
},
{
"source": "cve@mitre.org",
"url": "http://winscp.net/tracker/show_bug.cgi?id=1017"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"source": "cve@mitre.org",
"url": "http://www.search-lab.hu/advisories/secadv-20130722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.tartarus.org/sgt?view=revision\u0026sortby=date\u0026revision=9896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://winscp.net/tracker/show_bug.cgi?id=1017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.search-lab.hu/advisories/secadv-20130722"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-07 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| 9bis | kitty | * | |
| simon_tatham | putty | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "479C8AD6-8701-4170-9065-1B4F96CC81F1",
"versionEndIncluding": "0.66.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "090C55DB-A0E2-4281-8A96-C8CB7291F6D1",
"versionEndIncluding": "0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en la utilidad comando-l\u00ednea de SCP en PuTTY en versiones anteriores a 0.67 y KiTTY 0.66.6.3 y versiones anteriores permite a servidores remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria de pila) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de una respuesta de tam\u00f1o de archivo SCP-SINK a una petici\u00f3n de descarga SCP."
}
],
"id": "CVE-2016-2563",
"lastModified": "2024-11-21T02:48:42.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-07T23:59:07.657",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2016/Mar/22"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/84296"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035257"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201606-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/Mar/22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/84296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-27 14:59
Modified
2024-11-21 02:26
Severity ?
Summary
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 22 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| putty | putty | 0.51 | |
| putty | putty | 0.52 | |
| putty | putty | 0.53b | |
| putty | putty | 0.54 | |
| putty | putty | 0.55 | |
| putty | putty | 0.56 | |
| putty | putty | 0.57 | |
| putty | putty | 0.58 | |
| putty | putty | 0.59 | |
| putty | putty | 0.60 | |
| putty | putty | 0.61 | |
| putty | putty | 0.62 | |
| putty | putty | 0.63 | |
| simon_tatham | putty | 0.53 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "FC082AE0-C49D-4944-BE76-B751DAD1EF84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "23BAD8E4-2D3A-45EE-A25D-77BD698119BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7716EC-E0F9-4E50-8351-35D2F248B380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2BD4D-9817-459E-ACF4-9C95233200A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "22EE5957-76F3-4B20-ADE7-E72D1300A3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "826FA7E4-7F48-4D1C-856C-A965527B0950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "AA54ADC7-2A36-40DA-8219-DAA31509E534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1A14381E-91A1-4902-B409-1281CFA2D561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "8B33EB10-535F-42F2-8F78-CE128A89447C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "5966235B-2F1A-45C5-AF65-99FFFE4725DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "B9942BA6-8947-4742-9A38-2E2F2F5DD341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "811276A3-5FB5-4718-94FF-E9B6503B8ABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "129133D1-B374-4743-9F52-27D0A9558D17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory."
},
{
"lang": "es",
"value": "Las funciones (1) ssh2_load_userkey y (2) ssh2_save_userkey en PuTTY 0.51 hasta 0.63 no limpian correctamente las claves privadas SSH-2 de la memoria, lo que permite a usuarios remotos obtener informaci\u00f3n sensible mediante la lectura de la memoria."
}
],
"id": "CVE-2015-2157",
"lastModified": "2024-11-21T02:26:53.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-27T14:59:05.697",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3190"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/4"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/5"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/72825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72825"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-19 23:55
Modified
2024-11-21 01:55
Severity ?
Summary
The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| putty | putty | 0.45 | |
| putty | putty | 0.46 | |
| putty | putty | 0.47 | |
| putty | putty | 0.48 | |
| putty | putty | 0.49 | |
| putty | putty | 0.50 | |
| putty | putty | 0.51 | |
| putty | putty | 0.52 | |
| putty | putty | 0.53b | |
| putty | putty | 0.54 | |
| putty | putty | 0.55 | |
| putty | putty | 0.56 | |
| putty | putty | 0.57 | |
| putty | putty | 0.58 | |
| putty | putty | 0.59 | |
| putty | putty | 0.60 | |
| putty | putty | 0.61 | |
| simon_tatham | putty | * | |
| simon_tatham | putty | 0.53 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:putty:putty:0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5EB349-B1DF-4CF5-9468-37DC66A929C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CF223411-6FA4-43EC-8668-7DB4A98E4DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E87C56-DFD9-45D9-9169-3BB94F647F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "1283B462-042C-4857-A700-4179AAE20E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "2791C9DD-F55D-4683-85AF-B6814C34EFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "FC082AE0-C49D-4944-BE76-B751DAD1EF84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "23BAD8E4-2D3A-45EE-A25D-77BD698119BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7716EC-E0F9-4E50-8351-35D2F248B380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2BD4D-9817-459E-ACF4-9C95233200A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "22EE5957-76F3-4B20-ADE7-E72D1300A3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "826FA7E4-7F48-4D1C-856C-A965527B0950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "AA54ADC7-2A36-40DA-8219-DAA31509E534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1A14381E-91A1-4902-B409-1281CFA2D561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "8B33EB10-535F-42F2-8F78-CE128A89447C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "5966235B-2F1A-45C5-AF65-99FFFE4725DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8E4288-5CEA-42F3-BF6A-FE7D78C907C0",
"versionEndIncluding": "0.62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "129133D1-B374-4743-9F52-27D0A9558D17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys."
},
{
"lang": "es",
"value": "La funci\u00f3n rsa_verify en PuTTY anterior a 0.63 (1) no limpia de memoria los procesos sensibles despu\u00e9s de usarlos y (2)no libera determinadas estructuras que contienen procesos sensibles, lo que podr\u00eda permitir a usuarios locales descubrir claves privadas RSA y DSA."
}
],
"id": "CVE-2013-4208",
"lastModified": "2024-11-21T01:55:07.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-19T23:55:08.833",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54379"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/54533"
},
{
"source": "secalert@redhat.com",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-19 23:55
Modified
2024-11-21 01:55
Severity ?
Summary
Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| putty | putty | 0.45 | |
| putty | putty | 0.46 | |
| putty | putty | 0.47 | |
| putty | putty | 0.48 | |
| putty | putty | 0.49 | |
| putty | putty | 0.50 | |
| putty | putty | 0.51 | |
| putty | putty | 0.52 | |
| putty | putty | 0.53b | |
| putty | putty | 0.54 | |
| putty | putty | 0.55 | |
| putty | putty | 0.56 | |
| putty | putty | 0.57 | |
| putty | putty | 0.58 | |
| putty | putty | 0.59 | |
| putty | putty | 0.60 | |
| putty | putty | 0.61 | |
| putty | putty | 2010-06-01 | |
| simon_tatham | putty | * | |
| simon_tatham | putty | 0.53 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:putty:putty:0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5EB349-B1DF-4CF5-9468-37DC66A929C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CF223411-6FA4-43EC-8668-7DB4A98E4DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E87C56-DFD9-45D9-9169-3BB94F647F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "1283B462-042C-4857-A700-4179AAE20E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "2791C9DD-F55D-4683-85AF-B6814C34EFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "FC082AE0-C49D-4944-BE76-B751DAD1EF84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "23BAD8E4-2D3A-45EE-A25D-77BD698119BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7716EC-E0F9-4E50-8351-35D2F248B380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2BD4D-9817-459E-ACF4-9C95233200A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "22EE5957-76F3-4B20-ADE7-E72D1300A3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "826FA7E4-7F48-4D1C-856C-A965527B0950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "AA54ADC7-2A36-40DA-8219-DAA31509E534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1A14381E-91A1-4902-B409-1281CFA2D561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "8B33EB10-535F-42F2-8F78-CE128A89447C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "5966235B-2F1A-45C5-AF65-99FFFE4725DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:2010-06-01:r8967:*:*:development_snapshot:*:*:*",
"matchCriteriaId": "820B9CC0-2A18-4357-B01F-565A0E35E275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8E4288-5CEA-42F3-BF6A-FE7D78C907C0",
"versionEndIncluding": "0.62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "129133D1-B374-4743-9F52-27D0A9558D17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en PuTTY 0.62 y anteriores, permite a servidores SSH remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una firma DSA no v\u00e1lida que no es manejada adecuadamente durante el c\u00e1lculo de un inverso modular que provoca el desbordamiento durante una divisi\u00f3n entre cero por la funcionalidad \"bignum\". Vulnerabilidad distinta de CVE-2013-4206."
}
],
"id": "CVE-2013-4207",
"lastModified": "2024-11-21T01:55:07.857",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-19T23:55:08.767",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54379"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/54533"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/11"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}