Tuesday, 10 November 2015

Vulnerability In Popular SSH Client PuTTY Poem

There is a new version of the popular SSH client PuTTY appeared in which a vulnerability is closed through which attackers could execute at worst arbitrary code with the rights of the logged on user systems.

For this, a user had to connect to the server of the attacker. The cause of the problem in the terminal emulator was an escape sequence whereby the terminal code of PuTTY read the wrong memory and possibly could describe well, which could lead to an integer overflow. PuTTY and pterm version 0:54 to 0.65 are vulnerable. Users therefore be advised to version 0.66 to upgrade.

No comments:

Post a Comment