Vulnerabilites related to putty - putty
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*", matchCriteriaId: "8B33EB10-535F-42F2-8F78-CE128A89447C", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*", matchCriteriaId: "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*", matchCriteriaId: "5966235B-2F1A-45C5-AF65-99FFFE4725DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.", }, { lang: "es", value: "PuTTY v0.59 hasta v0.61 no borra la memoria de procesos sensibles en la gestión de las respuestas del usuario que se producen durante la autenticación interactiva por teclado, lo que podría permitir a usuarios locales leer las contraseñas de inicio de sesión mediante la obtención de acceso a la memoria del proceso.", }, ], id: "CVE-2011-4607", lastModified: "2024-11-21T01:32:39.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-08-23T16:55:06.907", references: [ { source: "secalert@redhat.com", url: "http://seclists.org/oss-sec/2011/q4/499", }, { source: "secalert@redhat.com", url: "http://seclists.org/oss-sec/2011/q4/500", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/oss-sec/2011/q4/499", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/oss-sec/2011/q4/500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "58BA8E70-9491-4D4F-9182-2F48347BF6FC", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*", matchCriteriaId: "8F7716EC-E0F9-4E50-8351-35D2F248B380", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.", }, { lang: "es", value: "PuTTy 0.53b y anteriores no borran los credenciales de inicio de sesión de memoria, incluyendo contraseñas en texto plano, lo que podría permitir a atacantes con acceso a memoria robar los credenciales SSH.", }, ], id: "CVE-2003-0048", lastModified: "2024-11-20T23:43:49.337", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-02-19T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104386492422014&w=2", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.idefense.com/advisory/01.28.03.txt", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/6724", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1006014", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104386492422014&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.idefense.com/advisory/01.28.03.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/6724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1006014", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
michael_jennings | eterm | 0.8.10 | |
putty | putty | 0.48 | |
rxvt | rxvt | 2.6.1 | |
xfree86_project | x11r6 | 3.3.3 | |
xfree86_project | x11r6 | 4.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:michael_jennings:eterm:0.8.10:*:*:*:*:*:*:*", matchCriteriaId: "B33FE201-759E-4EE4-B19E-A25E6FBD711B", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:rxvt:rxvt:2.6.1:*:*:*:*:*:*:*", matchCriteriaId: "E5CE4F28-5C30-4A54-8A4B-3FA6B01F1467", vulnerable: true, }, { criteria: "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*", matchCriteriaId: "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB", vulnerable: true, }, { criteria: "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F33E5444-E178-4F49-BDA1-DE576D8526EE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized.", }, ], id: "CVE-2000-0476", lastModified: "2024-11-20T23:32:35.640", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-06-01T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html", }, { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2024/06/09/1", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2024/06/09/2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/1298", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/06/09/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/06/09/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/1298", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", matchCriteriaId: "5308FBBB-F738-41C5-97A4-E40118E957CD", versionEndExcluding: "9.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "A9D807DB-9E20-4792-8A9F-4BFFC841BAB7", versionEndExcluding: "0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*", matchCriteriaId: "42915485-A4DA-48DD-9C15-415D2D39DC52", versionEndExcluding: "3.66.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", matchCriteriaId: "9F37C9AC-185F-403A-A79B-2D5C8E11AFC4", versionEndIncluding: "11.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", matchCriteriaId: "387021A0-AF36-463C-A605-32EA7DAC172E", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*", matchCriteriaId: "31FFE0AA-FC25-40DE-8EE9-7F4C80ABDE4F", versionEndExcluding: "5.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", matchCriteriaId: "387021A0-AF36-463C-A605-32EA7DAC172E", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "F2FCF7EF-97D7-44CF-AC74-72D856901755", versionEndExcluding: "11.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*", matchCriteriaId: "53CAD263-1C60-43BD-86A2-C8DB15FFB4C6", versionEndExcluding: "14.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*", matchCriteriaId: "8FA57F20-C9C1-40A7-B2CD-F3440CCF1D66", versionEndExcluding: "6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*", matchCriteriaId: "6209E375-10C7-4E65-A2E7-455A686717AC", versionEndExcluding: "9.33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*", matchCriteriaId: "1A05CC3C-19C5-4BAA-ABA2-EE1795E0BE81", versionEndExcluding: "9.32", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*", matchCriteriaId: "3A71B523-0778-46C6-A38B-64452E0BB6E7", versionEndIncluding: "3.66.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*", matchCriteriaId: "F1C91308-15E5-40AF-B4D5-3CAD7BC65DDF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*", matchCriteriaId: "418940E3-6DD1-4AA6-846A-03E059D0C681", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*", matchCriteriaId: "411BA58A-33B6-44CA-B9D6-7F9042D46961", vulnerable: true, }, { criteria: "cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*", matchCriteriaId: "FA17A153-30E4-4731-8706-8F74FCA50993", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*", matchCriteriaId: "FB736F57-9BE3-4457-A10E-FA88D0932154", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*", matchCriteriaId: "6EB8D02D-87F3-414D-A3EA-43F594DAAC1B", versionEndExcluding: "9.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*", matchCriteriaId: "AAB481DA-FBFE-4CC2-9AE7-22025FA07494", versionEndExcluding: "0.10.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*", matchCriteriaId: "3D6FD459-F8E8-4126-8097-D30B4639404A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*", matchCriteriaId: "69510F52-C699-4E7D-87EF-7000682888F0", versionEndIncluding: "1.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*", matchCriteriaId: "9461430B-3709-45B6-8858-2101F5AE4481", versionEndIncluding: "1.3.8b", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", matchCriteriaId: "B9A01DF3-E20E-4F29-B5CF-DDF717D01E74", versionEndIncluding: "12.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*", matchCriteriaId: "D25EB73D-6145-4B7D-8F14-80FD0B458E99", versionEndExcluding: "0.35.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*", matchCriteriaId: "77594DEC-B5F7-4911-A13D-FFE91C74BAFA", versionEndIncluding: "5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*", matchCriteriaId: "F8FF7E74-2351-4CD9-B717-FA28893293A1", versionEndExcluding: "2.3.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*", matchCriteriaId: "82A93C12-FEB6-4E82-B283-0ED7820D807E", versionEndIncluding: "10.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*", matchCriteriaId: "B480AE79-2FA1-4281-9F0D-0DE812B9354D", versionEndExcluding: "build__0144", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", matchCriteriaId: "826B6323-06F8-4B96-8771-3FA15A727B08", versionEndExcluding: "3.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", matchCriteriaId: "932D137F-528B-4526-9A89-CD59FA1AB0FE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", matchCriteriaId: "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", matchCriteriaId: "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*", matchCriteriaId: "E315FC5C-FF19-43C9-A58A-CF2A5FF13824", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*", matchCriteriaId: "FA7EAD12-E398-44AF-9859-F3CA6C63BA6B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*", matchCriteriaId: "77675CB7-67D7-44E9-B7FF-D224B3341AA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AAA300-691A-4957-8B69-F6888CC971B1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*", matchCriteriaId: "45937289-2D64-47CB-A750-5B4F0D4664A0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*", matchCriteriaId: "97321212-0E07-4CC2-A917-7B5F61AB9A5A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0E2C021C-A9F0-4EB4-ADED-81D8B57B4563", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF8EFFB-5686-4F28-A68F-1A8854E098CE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*", matchCriteriaId: "9C877879-B84B-471C-80CF-0656521CA8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "379A5883-F6DF-41F5-9403-8D17F6605737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*", matchCriteriaId: "B5B1D946-5978-4818-BF21-A43D9C1365E1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*", matchCriteriaId: "99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*", matchCriteriaId: "6D5A7736-A403-4617-8790-18E46CB74DA6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0DE4E1-5D8D-40F3-8AC8-C7F736966158", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*", matchCriteriaId: "88BF3B2C-B121-483A-AEF2-8082F6DA5310", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*", matchCriteriaId: "F0FD736A-8730-446A-BA3A-7B608DB62B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F4C504B6-3902-46E2-82B7-48AEC9CDD48D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*", matchCriteriaId: "F92E56DF-98DF-4328-B37E-4D5744E4103D", versionEndExcluding: "0.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*", matchCriteriaId: "AC12508E-3C31-44EA-B4F3-29316BE9B189", versionEndExcluding: "0.40.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*", matchCriteriaId: "1750028C-698D-4E84-B727-8A155A46ADEB", versionEndExcluding: "2.5.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9A8E99-7F4A-4B74-B86B-8B3E8B2A8776", versionEndExcluding: "26.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*", matchCriteriaId: "61119DB3-4336-4D3B-863A-0CCF4146E5C1", versionEndExcluding: "0.2.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFDD272-3DF0-4E3F-B69A-E7ABF4B18B24", versionEndExcluding: "1.11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*", matchCriteriaId: "FAE46983-0ABC-49F7-AC18-A78FAC7E73AA", versionEndExcluding: "2.14.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*", matchCriteriaId: "06BF3368-F232-4E6B-883E-A591EED5C827", versionEndExcluding: "2022.83", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*", matchCriteriaId: "36531FB6-5682-4BF1-9785-E9D6D1C4207B", versionEndExcluding: "3.1.0-snapshot", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*", matchCriteriaId: "514ED687-0D7B-479B-82C5-7EB1A5EEC94C", versionEndExcluding: "5.11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83B1AF39-C0B9-4031-B19A-BDDD4F337273", versionEndExcluding: "3.4.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*", matchCriteriaId: "2B71B0EF-888E-45E2-A055-F59CDCC1AFC7", versionEndIncluding: "23.09.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*", matchCriteriaId: "8F23CDF7-2881-4B4E-B84F-4E04F4ED8CCF", versionEndIncluding: "2.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*", matchCriteriaId: "C1795F7A-203F-400E-B09C-0FAF16D01CFC", versionEndExcluding: "10.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*", matchCriteriaId: "0D79DDDD-02F0-4C12-BE7F-1B9DF1722C7A", versionEndExcluding: "2.2.22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*", matchCriteriaId: "E2D7B0CA-C01F-4296-9425-48299E3889C5", versionEndIncluding: "2.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*", matchCriteriaId: "1C3EB0B8-9E76-4146-AB02-02E20B91D55C", versionEndIncluding: "0.37.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*", matchCriteriaId: "0582468A-149B-429F-978A-2AEDF4BE2606", versionEndIncluding: "20230101", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*", matchCriteriaId: "7E4BAF06-5A79-46D7-8C4F-E670BD6B7C2D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*", matchCriteriaId: "98321BF9-5E8F-4836-842C-47713B1C2775", versionEndIncluding: "0.76.1.13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*", matchCriteriaId: "76BDAFDE-4515-42E6-820F-38AF4A786CF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*", matchCriteriaId: "5920923E-0D52-44E5-801D-10B82846ED58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", matchCriteriaId: "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "73160D1F-755B-46D2-969F-DF8E43BB1099", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.", }, { lang: "es", value: "El protocolo de transporte SSH con ciertas extensiones OpenSSH, que se encuentra en OpenSSH anterior a 9.6 y otros productos, permite a atacantes remotos eludir las comprobaciones de integridad de modo que algunos paquetes se omiten (del mensaje de negociación de extensión) y, en consecuencia, un cliente y un servidor pueden terminar con una conexión para la cual algunas características de seguridad han sido degradadas o deshabilitadas, también conocido como un ataque Terrapin. Esto ocurre porque SSH Binary Packet Protocol (BPP), implementado por estas extensiones, maneja mal la fase de protocolo de enlace y el uso de números de secuencia. Por ejemplo, existe un ataque eficaz contra ChaCha20-Poly1305 (y CBC con Encrypt-then-MAC). La omisión se produce en chacha20-poly1305@openssh.com y (si se utiliza CBC) en los algoritmos MAC -etm@openssh.com. Esto también afecta a Maverick Synergy Java SSH API anterior a 3.1.0-SNAPSHOT, Dropbear hasta 2022.83, Ssh anterior a 5.1.1 en Erlang/OTP, PuTTY anterior a 0.80 y AsyncSSH anterior a 2.14.2; y podría haber efectos en Bitvise SSH hasta la versión 9.31, libssh hasta la 0.10.5 y golang.org/x/crypto hasta el 17 de diciembre de 2023.", }, ], id: "CVE-2023-48795", lastModified: "2024-12-02T14:54:27.177", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-18T16:15:10.897", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2024/Mar/21", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/12/18/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/12/19/5", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Mitigation", ], url: "http://www.openwall.com/lists/oss-security/2023/12/20/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/03/06/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/8", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2023-48795", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugs.gentoo.org/920280", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1217950", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://crates.io/crates/thrussh/versions", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://filezilla-project.org/versions.php", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/NixOS/nixpkgs/pull/275249", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/advisories/GHSA-45x7-px36-x8w8", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/apache/mina-sshd/issues/445", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/cyd01/KiTTY/issues/520", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/hierynomus/sshj/issues/916", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/janmojzis/tinyssh/issues/81", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", }, { source: "cve@mitre.org", tags: [ "Mitigation", ], url: "https://github.com/libssh2/libssh2/pull/1291", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/mwiede/jsch/issues/457", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/mwiede/jsch/pull/461", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/openssh/openssh-portable/commits/master", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/paramiko/paramiko/issues/2337", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/proftpd/proftpd/issues/456", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/rapier1/hpn-ssh/releases", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/ronf/asyncssh/tags", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/ssh-mitm/ssh-mitm/issues/165", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/warp-tech/russh/releases/tag/v0.40.2", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://gitlab.com/libssh/libssh-mirror/-/tags", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://help.panic.com/releasenotes/transmit5/", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://matt.ucc.asn.au/dropbear/CHANGES", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38684904", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38685286", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38732005", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://nova.app/releases/#v11.8", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://oryx-embedded.com/download/#changelog", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://roumenpetrov.info/secsh/#news20231220", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2023-48795", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/source-package/libssh2", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202312-16", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202312-17", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240105-0004/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT214084", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://twitter.com/TrueSkrillor/status/1736774389725565005", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://ubuntu.com/security/CVE-2023-48795", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://winscp.net/eng/docs/history#6.2.2", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.bitvise.com/ssh-client-version-history#933", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.bitvise.com/ssh-server-version-history", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://www.debian.org/security/2023/dsa-5586", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.netsarang.com/en/xshell-update-history/", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.openssh.com/openbsd.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.openssh.com/txt/release-9.6", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2023/12/18/2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Mitigation", ], url: "https://www.openwall.com/lists/oss-security/2023/12/20/3", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.paramiko.org/changelog.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://www.terrapin-attack.com", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.vandyke.com/products/securecrt/history.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2024/Mar/21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/12/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/12/19/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", ], url: "http://www.openwall.com/lists/oss-security/2023/12/20/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/03/06/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2023-48795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugs.gentoo.org/920280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1217950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://crates.io/crates/thrussh/versions", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://filezilla-project.org/versions.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/NixOS/nixpkgs/pull/275249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/advisories/GHSA-45x7-px36-x8w8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/apache/mina-sshd/issues/445", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/cyd01/KiTTY/issues/520", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/hierynomus/sshj/issues/916", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/janmojzis/tinyssh/issues/81", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", ], url: "https://github.com/libssh2/libssh2/pull/1291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/mwiede/jsch/issues/457", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/mwiede/jsch/pull/461", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/openssh/openssh-portable/commits/master", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/paramiko/paramiko/issues/2337", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/proftpd/proftpd/issues/456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/rapier1/hpn-ssh/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/ronf/asyncssh/tags", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/ssh-mitm/ssh-mitm/issues/165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/warp-tech/russh/releases/tag/v0.40.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://gitlab.com/libssh/libssh-mirror/-/tags", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://help.panic.com/releasenotes/transmit5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://matt.ucc.asn.au/dropbear/CHANGES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38684904", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38685286", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38732005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://nova.app/releases/#v11.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://oryx-embedded.com/download/#changelog", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://roumenpetrov.info/secsh/#news20231220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2023-48795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/source-package/libssh2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202312-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202312-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240105-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT214084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://twitter.com/TrueSkrillor/status/1736774389725565005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://ubuntu.com/security/CVE-2023-48795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://winscp.net/eng/docs/history#6.2.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.bitvise.com/ssh-client-version-history#933", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.bitvise.com/ssh-server-version-history", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://www.debian.org/security/2023/dsa-5586", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.netsarang.com/en/xshell-update-history/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.openssh.com/openbsd.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.openssh.com/txt/release-9.6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2023/12/18/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", ], url: "https://www.openwall.com/lists/oss-security/2023/12/20/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.paramiko.org/changelog.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://www.terrapin-attack.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.vandyke.com/products/securecrt/history.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-354", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 7.0 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 22 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
putty | putty | 0.51 | |
putty | putty | 0.52 | |
putty | putty | 0.53b | |
putty | putty | 0.54 | |
putty | putty | 0.55 | |
putty | putty | 0.56 | |
putty | putty | 0.57 | |
putty | putty | 0.58 | |
putty | putty | 0.59 | |
putty | putty | 0.60 | |
putty | putty | 0.61 | |
putty | putty | 0.62 | |
putty | putty | 0.63 | |
simon_tatham | putty | 0.53 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*", matchCriteriaId: "FC082AE0-C49D-4944-BE76-B751DAD1EF84", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*", matchCriteriaId: "23BAD8E4-2D3A-45EE-A25D-77BD698119BB", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*", matchCriteriaId: "8F7716EC-E0F9-4E50-8351-35D2F248B380", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*", matchCriteriaId: "46C2BD4D-9817-459E-ACF4-9C95233200A2", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*", matchCriteriaId: "22EE5957-76F3-4B20-ADE7-E72D1300A3F0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*", matchCriteriaId: "826FA7E4-7F48-4D1C-856C-A965527B0950", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*", matchCriteriaId: "AA54ADC7-2A36-40DA-8219-DAA31509E534", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*", matchCriteriaId: "1A14381E-91A1-4902-B409-1281CFA2D561", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*", matchCriteriaId: "8B33EB10-535F-42F2-8F78-CE128A89447C", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*", matchCriteriaId: "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*", matchCriteriaId: "5966235B-2F1A-45C5-AF65-99FFFE4725DF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.62:*:*:*:*:*:*:*", matchCriteriaId: "B9942BA6-8947-4742-9A38-2E2F2F5DD341", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.63:*:*:*:*:*:*:*", matchCriteriaId: "811276A3-5FB5-4718-94FF-E9B6503B8ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "129133D1-B374-4743-9F52-27D0A9558D17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.", }, { lang: "es", value: "Las funciones (1) ssh2_load_userkey y (2) ssh2_save_userkey en PuTTY 0.51 hasta 0.63 no limpian correctamente las claves privadas SSH-2 de la memoria, lo que permite a usuarios remotos obtener información sensible mediante la lectura de la memoria.", }, ], id: "CVE-2015-2157", lastModified: "2024-11-21T02:26:53.940", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-27T14:59:05.697", references: [ { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3190", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/02/28/4", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/02/28/5", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72825", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3190", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/02/28/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/02/28/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72825", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | * | |
fedoraproject | fedora | 28 | |
fedoraproject | fedora | 29 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
opensuse | leap | 15.0 | |
netapp | oncommand_unified_manager | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "D2DDD5D1-E291-4420-81CA-3924ACAD80B6", versionEndExcluding: "0.71", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "C18CA4B5-28FD-4199-B1F0-B1E59E920370", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.", }, { lang: "es", value: "Existe el reciclado potencial de números aleatorios empleados en criptografía en PuTTY, en versiones anteriores a la 0.71.", }, ], id: "CVE-2019-9898", lastModified: "2024-11-21T04:52:32.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:01:17.890", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107523", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://security.netapp.com/advisory/ntap-20190329-0002/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190401-0002/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107523", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://security.netapp.com/advisory/ntap-20190329-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190401-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4423", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-330", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/archive/1/538848/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securitytracker.com/id/1036236 | Broken Link, Third Party Advisory, VDB Entry | |
cve@mitre.org | https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/538848/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036236 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html | Exploit, Third Party Advisory, VDB Entry |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.67:beta:*:*:*:*:*:*", matchCriteriaId: "576116A5-C63C-4C3F-9058-916BC0389196", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.", }, { lang: "es", value: "Varias vulnerabilidades de rutas de búsqueda no confiables en Putty beta 0.67 permiten a los usuarios locales ejecutar código arbitrario y realizar ataques de secuestro de DLL mediante un archivo troyano (1) UxTheme.dll o (2) ntmarta.dll en el directorio de trabajo actual.", }, ], id: "CVE-2016-6167", lastModified: "2024-11-21T02:55:35.240", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-30T22:59:00.513", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/538848/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036236", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/538848/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036236", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-426", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*", matchCriteriaId: "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*", matchCriteriaId: "FC082AE0-C49D-4944-BE76-B751DAD1EF84", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*", matchCriteriaId: "23BAD8E4-2D3A-45EE-A25D-77BD698119BB", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "58BA8E70-9491-4D4F-9182-2F48347BF6FC", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*", matchCriteriaId: "8F7716EC-E0F9-4E50-8351-35D2F248B380", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*", matchCriteriaId: "46C2BD4D-9817-459E-ACF4-9C95233200A2", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*", matchCriteriaId: "22EE5957-76F3-4B20-ADE7-E72D1300A3F0", vulnerable: true, }, { criteria: "cpe:2.3:a:tortoisecvs:tortoisecvs:1.8:*:*:*:*:*:*:*", matchCriteriaId: "8F8DFE94-B24C-4538-944F-3E609D5992D4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.", }, { lang: "es", value: "Error de falta de signo en enteros en la función ssh2_rdpkt en PuTTY anteriores a 0.56 permite a atacantes remotos ejecutar código de su elección mediante un paquete SSH2_MSG_DEBUG con un parámetro stringlen modificado, lo que conduce a un desbordamiento de búfer.", }, ], id: "CVE-2004-1008", lastModified: "2024-11-20T23:49:53.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-01-10T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=109889312917613&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/12987/", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/13012/", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/17214", }, { source: "cve@mitre.org", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { source: "cve@mitre.org", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { source: "cve@mitre.org", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml", }, { source: "cve@mitre.org", url: "http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/11549", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=109889312917613&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/12987/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/13012/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17214", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/11549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17886", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "92F773D2-C79B-4A3C-9C88-9B74698BF3A6", versionEndExcluding: "0.73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY before 0.73 mishandles the \"bracketed paste mode\" protection mechanism, which may allow a session to be affected by malicious clipboard content.", }, { lang: "es", value: "PuTTY versiones anteriores a 0.73, maneja inapropiadamente el mecanismo de protección \"bracketed paste mode\", que puede permitir que una sesión esté afectada por el contenido malicioso del portapapeles.", }, ], id: "CVE-2019-17068", lastModified: "2024-11-21T04:31:38.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-01T17:15:10.527", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cisco | ios | 12.0s | |
cisco | ios | 12.0st | |
cisco | ios | 12.1e | |
cisco | ios | 12.1ea | |
cisco | ios | 12.1t | |
cisco | ios | 12.2 | |
cisco | ios | 12.2s | |
cisco | ios | 12.2t | |
fissh | ssh_client | 1.0a_for_windows | |
intersoft | securenetterm | 5.4.1 | |
netcomposite | shellguard_ssh | 3.4.6 | |
pragma_systems | secureshell | 2.0 | |
putty | putty | 0.48 | |
putty | putty | 0.49 | |
putty | putty | 0.53 | |
winscp | winscp | 2.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*", matchCriteriaId: "2C398460-3F38-4AA7-A4B1-FD8A01588DB5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*", matchCriteriaId: "DBEA01D2-B985-4575-AF00-144CE2E3024D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*", matchCriteriaId: "7126E176-D739-4102-8F10-1EEB8C6A219D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1ea:*:*:*:*:*:*:*", matchCriteriaId: "E90C0554-1A50-4341-AB07-80AA854673D5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*", matchCriteriaId: "752C3C6B-910D-4153-A162-DF255F60306B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*", matchCriteriaId: "E4BC49F2-3DCB-45F0-9030-13F6415EE178", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:*", matchCriteriaId: "2D035A35-D53E-4C49-B4E4-F40B85866F27", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*", matchCriteriaId: "84900BB3-B49F-448A-9E04-FE423FBCCC4F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:fissh:ssh_client:1.0a_for_windows:*:*:*:*:*:*:*", matchCriteriaId: "0F994C47-04BA-4286-B206-7EC8844E39A4", vulnerable: true, }, { criteria: "cpe:2.3:a:intersoft:securenetterm:5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "06F753D5-DAAD-491E-8158-1C3CE9C30274", vulnerable: true, }, { criteria: "cpe:2.3:a:netcomposite:shellguard_ssh:3.4.6:*:*:*:*:*:*:*", matchCriteriaId: "B4343CA3-F040-4FBE-A688-048BBB3993F0", vulnerable: true, }, { criteria: "cpe:2.3:a:pragma_systems:secureshell:2.0:*:*:*:*:*:*:*", matchCriteriaId: "5259078F-BA9C-4EAB-A331-DCA621D187D5", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "58BA8E70-9491-4D4F-9182-2F48347BF6FC", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "833B5B6D-9A6B-4F25-81B0-F27D82940F8D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.", }, ], id: "CVE-2002-1360", lastModified: "2024-11-20T23:41:07.153", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2002-12-23T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1005812", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1005813", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1005812", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1005813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "58BA8E70-9491-4D4F-9182-2F48347BF6FC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.", }, ], id: "CVE-2003-0069", lastModified: "2024-11-20T23:43:52.507", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-03-18T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104612710031920&w=2", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.iss.net/security_center/static/11414.php", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/8347", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104612710031920&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.iss.net/security_center/static/11414.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/8347", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html | Mailing List, Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://security.netapp.com/advisory/ntap-20190404-0001/ | Third Party Advisory | |
cve@mitre.org | https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190404-0001/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | Release Notes, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "D2DDD5D1-E291-4420-81CA-3924ACAD80B6", versionEndExcluding: "0.71", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", matchCriteriaId: "D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.", }, { lang: "es", value: "En PuTTY, en versiones anteriores a la 0.71 en Windows, los atacantes locales podrían secuestrar la aplicación colocando un archivo de ayuda malicioso en el mismo directorio que el ejecutable.", }, ], id: "CVE-2019-9896", lastModified: "2024-11-21T04:52:31.827", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:01:17.813", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-427", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cisco | ios | 12.0s | |
cisco | ios | 12.0st | |
cisco | ios | 12.1e | |
cisco | ios | 12.1ea | |
cisco | ios | 12.1t | |
cisco | ios | 12.2 | |
cisco | ios | 12.2s | |
cisco | ios | 12.2t | |
fissh | ssh_client | 1.0a_for_windows | |
intersoft | securenetterm | 5.4.1 | |
netcomposite | shellguard_ssh | 3.4.6 | |
pragma_systems | secureshell | 2.0 | |
putty | putty | 0.48 | |
putty | putty | 0.49 | |
putty | putty | 0.53 | |
winscp | winscp | 2.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*", matchCriteriaId: "2C398460-3F38-4AA7-A4B1-FD8A01588DB5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*", matchCriteriaId: "DBEA01D2-B985-4575-AF00-144CE2E3024D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*", matchCriteriaId: "7126E176-D739-4102-8F10-1EEB8C6A219D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1ea:*:*:*:*:*:*:*", matchCriteriaId: "E90C0554-1A50-4341-AB07-80AA854673D5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*", matchCriteriaId: "752C3C6B-910D-4153-A162-DF255F60306B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*", matchCriteriaId: "E4BC49F2-3DCB-45F0-9030-13F6415EE178", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:*", matchCriteriaId: "2D035A35-D53E-4C49-B4E4-F40B85866F27", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*", matchCriteriaId: "84900BB3-B49F-448A-9E04-FE423FBCCC4F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:fissh:ssh_client:1.0a_for_windows:*:*:*:*:*:*:*", matchCriteriaId: "0F994C47-04BA-4286-B206-7EC8844E39A4", vulnerable: true, }, { criteria: "cpe:2.3:a:intersoft:securenetterm:5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "06F753D5-DAAD-491E-8158-1C3CE9C30274", vulnerable: true, }, { criteria: "cpe:2.3:a:netcomposite:shellguard_ssh:3.4.6:*:*:*:*:*:*:*", matchCriteriaId: "B4343CA3-F040-4FBE-A688-048BBB3993F0", vulnerable: true, }, { criteria: "cpe:2.3:a:pragma_systems:secureshell:2.0:*:*:*:*:*:*:*", matchCriteriaId: "5259078F-BA9C-4EAB-A331-DCA621D187D5", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "58BA8E70-9491-4D4F-9182-2F48347BF6FC", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "833B5B6D-9A6B-4F25-81B0-F27D82940F8D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.", }, ], id: "CVE-2002-1358", lastModified: "2024-11-20T23:41:06.857", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2002-12-23T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1005812", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1005813", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1005812", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1005813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | * | |
fedoraproject | fedora | 28 | |
fedoraproject | fedora | 29 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
netapp | oncommand_unified_manager | - | |
opensuse | leap | 15.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "D2DDD5D1-E291-4420-81CA-3924ACAD80B6", versionEndExcluding: "0.71", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "C18CA4B5-28FD-4199-B1F0-B1E59E920370", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.", }, { lang: "es", value: "Existen múltiples ataques de denegación de servicio (DoS) que pueden desencadenarse escribiendo en la terminal en PuTTY, en versiones anteriores a la 0.71.", }, ], id: "CVE-2019-9897", lastModified: "2024-11-21T04:52:31.977", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:01:17.843", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4423", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "190CABAE-FF9C-44F5-9F8B-7E229DE6B67A", versionEndIncluding: "0.56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.", }, ], id: "CVE-2005-0467", lastModified: "2024-11-20T23:55:11.357", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-02-21T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/14333", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/17214", }, { source: "cve@mitre.org", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { source: "cve@mitre.org", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/19403", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/14333", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17214", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/19403", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*", matchCriteriaId: "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*", matchCriteriaId: "FC082AE0-C49D-4944-BE76-B751DAD1EF84", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*", matchCriteriaId: "23BAD8E4-2D3A-45EE-A25D-77BD698119BB", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "58BA8E70-9491-4D4F-9182-2F48347BF6FC", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*", matchCriteriaId: "8F7716EC-E0F9-4E50-8351-35D2F248B380", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*", matchCriteriaId: "46C2BD4D-9817-459E-ACF4-9C95233200A2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, and (2) remote malicious servers to cause a denial of service (client crash) and possibly execute arbitrary code via a large bignum during authentication.", }, ], id: "CVE-2004-1440", lastModified: "2024-11-20T23:50:53.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=109167869528138&w=2", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://secunia.com/advisories/12212/", }, { source: "cve@mitre.org", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/10850", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16885", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=109167869528138&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://secunia.com/advisories/12212/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/10850", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16885", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804 | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/24381 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24381 | Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "0AB780F8-A784-4757-95AD-8B07A30C3745", versionEndIncluding: "0.59", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.", }, { lang: "es", value: "PuTTY 0.59 y versiones anteriores utiliza un fichero de permisos débil para (1) ficheros ppk que contienen las claves privadas generadas por el puttygen y (2) los logs de sesión creados por el putty, lo que permite a usuarios locales la obtención de información sensible mediante la lectura de estos ficheros.", }, ], id: "CVE-2006-7162", lastModified: "2024-11-21T00:24:32.153", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-03-07T21:19:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/24381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/24381", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | 0.45 | |
putty | putty | 0.46 | |
putty | putty | 0.47 | |
putty | putty | 0.48 | |
putty | putty | 0.49 | |
putty | putty | 0.50 | |
putty | putty | 0.51 | |
putty | putty | 0.52 | |
putty | putty | 0.53b | |
putty | putty | 0.54 | |
putty | putty | 0.55 | |
putty | putty | 0.56 | |
putty | putty | 0.57 | |
putty | putty | 0.58 | |
putty | putty | 0.59 | |
putty | putty | 0.60 | |
putty | putty | 0.61 | |
putty | putty | 2010-06-01 | |
simon_tatham | putty | * | |
simon_tatham | putty | 0.53 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.45:*:*:*:*:*:*:*", matchCriteriaId: "5D5EB349-B1DF-4CF5-9468-37DC66A929C3", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.46:*:*:*:*:*:*:*", matchCriteriaId: "CF223411-6FA4-43EC-8668-7DB4A98E4DEA", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.47:*:*:*:*:*:*:*", matchCriteriaId: "D0E87C56-DFD9-45D9-9169-3BB94F647F15", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*", matchCriteriaId: "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*", matchCriteriaId: "FC082AE0-C49D-4944-BE76-B751DAD1EF84", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*", matchCriteriaId: "23BAD8E4-2D3A-45EE-A25D-77BD698119BB", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*", matchCriteriaId: "8F7716EC-E0F9-4E50-8351-35D2F248B380", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*", matchCriteriaId: "46C2BD4D-9817-459E-ACF4-9C95233200A2", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*", matchCriteriaId: "22EE5957-76F3-4B20-ADE7-E72D1300A3F0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*", matchCriteriaId: "826FA7E4-7F48-4D1C-856C-A965527B0950", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*", matchCriteriaId: "AA54ADC7-2A36-40DA-8219-DAA31509E534", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*", matchCriteriaId: "1A14381E-91A1-4902-B409-1281CFA2D561", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*", matchCriteriaId: "8B33EB10-535F-42F2-8F78-CE128A89447C", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*", matchCriteriaId: "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*", matchCriteriaId: "5966235B-2F1A-45C5-AF65-99FFFE4725DF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:2010-06-01:r8967:*:*:development_snapshot:*:*:*", matchCriteriaId: "820B9CC0-2A18-4357-B01F-565A0E35E275", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "3A8E4288-5CEA-42F3-BF6A-FE7D78C907C0", versionEndIncluding: "0.62", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "129133D1-B374-4743-9F52-27D0A9558D17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.", }, { lang: "es", value: "Desbordamiento de búfer basado en memoria dinámica en la función modmul en sshbn.c en PuTTY 0.62 y anteriores, permite a servidores SSH remotos provocar una denegación de servicio (caída) y posiblemente causar una corrupción de memoria o ejecución de código a través de una firma DSA manipulada que no es manejada adecuadamente cuando se realizan determinadas operaciones de bit-shifting durante una multiplicación modular.", }, ], id: "CVE-2013-4206", lastModified: "2024-11-21T01:55:07.733", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-08-19T23:55:08.723", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54379", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/54533", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2013/dsa-2736", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/54533", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2013/dsa-2736", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*", matchCriteriaId: "622C1C29-794B-4000-90B0-E2BB65ED0AB2", versionEndIncluding: "5.1.5", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:3.7.6:*:*:*:*:*:*:*", matchCriteriaId: "2E3DFFBF-4E07-4449-A7A0-873DF6A98E21", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:3.8.2:*:*:*:*:*:*:*", matchCriteriaId: "89254511-B715-4515-AA6F-86133A2182CD", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:3.8_beta:*:*:*:*:*:*:*", matchCriteriaId: "5EA30CE9-054B-4C5E-BE4E-8F404E3BBD49", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.0.4:*:*:*:*:*:*:*", matchCriteriaId: "D838748A-09CC-4940-829F-910B013A9962", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.0.5:*:*:*:*:*:*:*", matchCriteriaId: "F6DD6743-97F5-43AB-8D84-FB3561BDE964", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.2.6:*:*:*:*:*:*:*", matchCriteriaId: "12FA1BCF-7E92-4C97-9B44-579A28FD1AA0", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.2.7:*:*:*:*:*:*:*", matchCriteriaId: "3569C249-6505-469C-B44D-9CD44497E153", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.2.8:*:*:*:*:*:*:*", matchCriteriaId: "D0C15244-1AD8-4D82-BAC4-FD77A83FBFE3", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.2.9:*:*:*:*:*:*:*", matchCriteriaId: "B5E49405-3C31-488C-8D28-2A417083D07B", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "2B148D20-65E9-4C6B-985E-69BC737FC36F", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.3.4:*:*:*:*:*:*:*", matchCriteriaId: "81237965-5289-4784-BCE9-44891036E49A", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.3.5:*:*:*:*:*:*:*", matchCriteriaId: "48CCC513-6594-4AD4-BB11-47456767F741", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.3.6:*:*:*:*:*:*:*", matchCriteriaId: "53DAE27A-C884-4619-B9D2-4BB356DD0743", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.3.7:*:*:*:*:*:*:*", matchCriteriaId: "3AB16665-C7CD-4672-A8DF-CED0267C6909", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.3.8:*:*:*:*:*:*:*", matchCriteriaId: "C4E4F93A-F40E-4367-ACDA-97190281BED5", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.3.9:*:*:*:*:*:*:*", matchCriteriaId: "058A5223-B23D-483E-89FC-64BAE4E98FE3", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:4.4.0:*:*:*:*:*:*:*", matchCriteriaId: "E35FFF50-7989-4749-BE7D-51068B249D4C", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0:beta:*:*:*:*:*:*", matchCriteriaId: "1993D161-712E-47AE-8402-538273CC21EB", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.1:beta:*:*:*:*:*:*", matchCriteriaId: "E42F707C-A70C-4EF5-B898-F693B6C586BB", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.2:beta:*:*:*:*:*:*", matchCriteriaId: "5C8DB53F-739D-4B28-9D16-D6CF4478CAE9", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.3:beta:*:*:*:*:*:*", matchCriteriaId: "C6521E48-0607-4F51-81F4-569DC950F01E", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.4:beta:*:*:*:*:*:*", matchCriteriaId: "D8204C5B-23CF-4111-BF98-EB73442CD47B", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.5:beta:*:*:*:*:*:*", matchCriteriaId: "4100FDCF-087A-44AA-ABA2-C0632FE452F9", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.6:beta:*:*:*:*:*:*", matchCriteriaId: "F2496D95-22A2-4EA9-A090-45E630D57526", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.7:beta:*:*:*:*:*:*", matchCriteriaId: "3C6B9617-B687-4885-8100-2ECBEE1E157A", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.8:rc:*:*:*:*:*:*", matchCriteriaId: "6D462DB0-E03E-4642-908F-16628FFA68FA", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.0.9:rc:*:*:*:*:*:*", matchCriteriaId: "BB0CE816-3C7B-43CA-A0AB-A011D5B093D6", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.1:*:*:*:*:*:*:*", matchCriteriaId: "FF1E6934-4CE0-4DFC-BA3E-67395C04B0BB", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.1.1:*:*:*:*:*:*:*", matchCriteriaId: "AD7230D1-2155-456D-B43A-AA66B24912B7", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "A56FBACE-0A1F-4AC3-B306-F8B0E9869BAE", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.1.3:*:*:*:*:*:*:*", matchCriteriaId: "5FE7557D-6BE4-49EA-97C2-011DF8CB6C74", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:5.1.4:*:*:*:*:*:*:*", matchCriteriaId: "0C392415-3564-44E3-82EA-CB3C8DB0BC27", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7B21E9A8-CE63-42C2-A11A-94D977A96DF1", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.45:*:*:*:*:*:*:*", matchCriteriaId: "5D5EB349-B1DF-4CF5-9468-37DC66A929C3", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.46:*:*:*:*:*:*:*", matchCriteriaId: "CF223411-6FA4-43EC-8668-7DB4A98E4DEA", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.47:*:*:*:*:*:*:*", matchCriteriaId: "D0E87C56-DFD9-45D9-9169-3BB94F647F15", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*", matchCriteriaId: "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*", matchCriteriaId: "FC082AE0-C49D-4944-BE76-B751DAD1EF84", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*", matchCriteriaId: "23BAD8E4-2D3A-45EE-A25D-77BD698119BB", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*", matchCriteriaId: "8F7716EC-E0F9-4E50-8351-35D2F248B380", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*", matchCriteriaId: "46C2BD4D-9817-459E-ACF4-9C95233200A2", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*", matchCriteriaId: "22EE5957-76F3-4B20-ADE7-E72D1300A3F0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*", matchCriteriaId: "826FA7E4-7F48-4D1C-856C-A965527B0950", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*", matchCriteriaId: "AA54ADC7-2A36-40DA-8219-DAA31509E534", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*", matchCriteriaId: "1A14381E-91A1-4902-B409-1281CFA2D561", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*", matchCriteriaId: "8B33EB10-535F-42F2-8F78-CE128A89447C", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*", matchCriteriaId: "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*", matchCriteriaId: "5966235B-2F1A-45C5-AF65-99FFFE4725DF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:2010-06-01:r8967:*:*:development_snapshot:*:*:*", matchCriteriaId: "820B9CC0-2A18-4357-B01F-565A0E35E275", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "3A8E4288-5CEA-42F3-BF6A-FE7D78C907C0", versionEndIncluding: "0.62", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "129133D1-B374-4743-9F52-27D0A9558D17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.", }, { lang: "es", value: "Desbordamiento de entero en PuTTY 0.62 y anteriores, WinSCP anterior a 5.1.6, y otros productos que usan PuTTY, permite a servidores SSH remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario en determinadas aplicaciones que utilizan PuTTY a través de un tamaño negativo en el valor de la firma en la clave RSA durante el handshake SSH, que provoca un desbordamiento basado en memoria dinámica.", }, ], id: "CVE-2013-4852", lastModified: "2024-11-21T01:56:32.023", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-08-19T23:55:09.077", references: [ { source: "cve@mitre.org", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54379", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/54517", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/54533", }, { source: "cve@mitre.org", url: "http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896", }, { source: "cve@mitre.org", url: "http://winscp.net/tracker/show_bug.cgi?id=1017", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2013/dsa-2736", }, { source: "cve@mitre.org", url: "http://www.search-lab.hu/advisories/secadv-20130722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/54517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/54533", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://winscp.net/tracker/show_bug.cgi?id=1017", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2013/dsa-2736", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.search-lab.hu/advisories/secadv-20130722", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "1159EB89-B30E-4381-8879-B40F5C935B62", versionEndIncluding: "0.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).", }, { lang: "es", value: "PuTTY versiones hasta 0.75, procede con establecer una sesión SSH incluso si nunca ha enviado una respuesta de autenticación sustantiva. Esto facilita a un servidor SSH controlado por un atacante presentar una petición de autenticación falsa posterior (que el atacante puede usar para capturar los datos de las credenciales, y usar esos datos para fines no deseados por el usuario cliente)", }, ], id: "CVE-2021-36367", lastModified: "2024-11-21T06:13:36.733", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-07-09T21:15:08.540", references: [ { source: "cve@mitre.org", url: "https://git.tartarus.org/?p=simon/putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", url: "https://www.debian.org/security/2023/dsa-5588", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.tartarus.org/?p=simon/putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2023/dsa-5588", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://docs.ssh-mitm.at/puttydos.html | Exploit, Third Party Advisory | |
cve@mitre.org | https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.ssh-mitm.at/puttydos.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | Release Notes, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "1C69E11C-8272-4BBA-924C-1EC3A3FA01CA", versionEndExcluding: "0.75", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons.", }, { lang: "es", value: "PuTTY versiones anteriores a 0.75, en Windows permite a servidores remotos causar una denegación de servicio (colgar la GUI de Windows) al indicar a la ventana de PuTTY que cambie su título repetidamente a gran velocidad, lo que resulta en muchas llamadas a SetWindowTextA o SetWindowTextW. NOTA: la misma metodología de ataque puede afectar a algunas interfaces gráficas de usuario en Linux y otras plataformas por razones similares", }, ], id: "CVE-2021-33500", lastModified: "2024-11-21T06:08:57.423", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-21T20:15:07.723", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://docs.ssh-mitm.at/puttydos.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://docs.ssh-mitm.at/puttydos.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | * | |
netapp | oncommand_unified_manager_core_package | - | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "DA634637-36DC-4B12-BA44-350AB2FDA175", versionEndIncluding: "0.73", versionStartIncluding: "0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*", matchCriteriaId: "0A4D418D-B526-46B9-B439-E1963BF88C0A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).", }, { lang: "es", value: "PuTTY versiones 0.68 hasta 0.73, presenta una Discrepancia Observable que conlleva a una filtración de información en la negociación del algoritmo. Esto permite a atacantes de tipo man-in-the-middle apuntar a los intentos iniciales de conexión (donde ninguna clave de host para el servidor ha sido almacenada en caché por parte del cliente)", }, ], id: "CVE-2020-14002", lastModified: "2024-11-21T05:02:19.737", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-29T18:15:11.767", references: [ { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26TACCSQYYCPWAJYNAUIXJGZ5RGORJZV/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JPV4A77EDCT4BTFO5BE26ZH72BG4E5IJ/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.tartarus.org/pipermail/putty-announce/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200717-0003/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26TACCSQYYCPWAJYNAUIXJGZ5RGORJZV/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JPV4A77EDCT4BTFO5BE26ZH72BG4E5IJ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.tartarus.org/pipermail/putty-announce/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200717-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-203", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | 0.45 | |
putty | putty | 0.46 | |
putty | putty | 0.47 | |
putty | putty | 0.48 | |
putty | putty | 0.49 | |
putty | putty | 0.50 | |
putty | putty | 0.51 | |
putty | putty | 0.52 | |
putty | putty | 0.53b | |
putty | putty | 0.54 | |
putty | putty | 0.55 | |
putty | putty | 0.56 | |
putty | putty | 0.57 | |
putty | putty | 0.58 | |
putty | putty | 0.59 | |
putty | putty | 0.60 | |
putty | putty | 0.61 | |
putty | putty | 2010-06-01 | |
simon_tatham | putty | * | |
simon_tatham | putty | 0.53 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.45:*:*:*:*:*:*:*", matchCriteriaId: "5D5EB349-B1DF-4CF5-9468-37DC66A929C3", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.46:*:*:*:*:*:*:*", matchCriteriaId: "CF223411-6FA4-43EC-8668-7DB4A98E4DEA", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.47:*:*:*:*:*:*:*", matchCriteriaId: "D0E87C56-DFD9-45D9-9169-3BB94F647F15", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*", matchCriteriaId: "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*", matchCriteriaId: "FC082AE0-C49D-4944-BE76-B751DAD1EF84", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*", matchCriteriaId: "23BAD8E4-2D3A-45EE-A25D-77BD698119BB", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*", matchCriteriaId: "8F7716EC-E0F9-4E50-8351-35D2F248B380", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*", matchCriteriaId: "46C2BD4D-9817-459E-ACF4-9C95233200A2", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*", matchCriteriaId: "22EE5957-76F3-4B20-ADE7-E72D1300A3F0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*", matchCriteriaId: "826FA7E4-7F48-4D1C-856C-A965527B0950", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*", matchCriteriaId: "AA54ADC7-2A36-40DA-8219-DAA31509E534", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*", matchCriteriaId: "1A14381E-91A1-4902-B409-1281CFA2D561", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*", matchCriteriaId: "8B33EB10-535F-42F2-8F78-CE128A89447C", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*", matchCriteriaId: "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*", matchCriteriaId: "5966235B-2F1A-45C5-AF65-99FFFE4725DF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:2010-06-01:r8967:*:*:development_snapshot:*:*:*", matchCriteriaId: "820B9CC0-2A18-4357-B01F-565A0E35E275", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "3A8E4288-5CEA-42F3-BF6A-FE7D78C907C0", versionEndIncluding: "0.62", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "129133D1-B374-4743-9F52-27D0A9558D17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.", }, { lang: "es", value: "Desbordamiento de búfer en PuTTY 0.62 y anteriores, permite a servidores SSH remotos provocar una denegación de servicio (caída) a través de una firma DSA no válida que no es manejada adecuadamente durante el cálculo de un inverso modular que provoca el desbordamiento durante una división entre cero por la funcionalidad \"bignum\". Vulnerabilidad distinta de CVE-2013-4206.", }, ], id: "CVE-2013-4207", lastModified: "2024-11-21T01:55:07.857", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-08-19T23:55:08.767", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54379", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/54533", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2013/dsa-2736", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/54533", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2013/dsa-2736", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cisco | ios | 12.0s | |
cisco | ios | 12.0st | |
cisco | ios | 12.1e | |
cisco | ios | 12.1ea | |
cisco | ios | 12.1t | |
cisco | ios | 12.2 | |
cisco | ios | 12.2s | |
cisco | ios | 12.2t | |
fissh | ssh_client | 1.0a_for_windows | |
intersoft | securenetterm | 5.4.1 | |
netcomposite | shellguard_ssh | 3.4.6 | |
pragma_systems | secureshell | 2.0 | |
putty | putty | 0.48 | |
putty | putty | 0.49 | |
putty | putty | 0.53 | |
winscp | winscp | 2.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*", matchCriteriaId: "2C398460-3F38-4AA7-A4B1-FD8A01588DB5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*", matchCriteriaId: "DBEA01D2-B985-4575-AF00-144CE2E3024D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*", matchCriteriaId: "7126E176-D739-4102-8F10-1EEB8C6A219D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1ea:*:*:*:*:*:*:*", matchCriteriaId: "E90C0554-1A50-4341-AB07-80AA854673D5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*", matchCriteriaId: "752C3C6B-910D-4153-A162-DF255F60306B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*", matchCriteriaId: "E4BC49F2-3DCB-45F0-9030-13F6415EE178", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:*", matchCriteriaId: "2D035A35-D53E-4C49-B4E4-F40B85866F27", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*", matchCriteriaId: "84900BB3-B49F-448A-9E04-FE423FBCCC4F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:fissh:ssh_client:1.0a_for_windows:*:*:*:*:*:*:*", matchCriteriaId: "0F994C47-04BA-4286-B206-7EC8844E39A4", vulnerable: true, }, { criteria: "cpe:2.3:a:intersoft:securenetterm:5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "06F753D5-DAAD-491E-8158-1C3CE9C30274", vulnerable: true, }, { criteria: "cpe:2.3:a:netcomposite:shellguard_ssh:3.4.6:*:*:*:*:*:*:*", matchCriteriaId: "B4343CA3-F040-4FBE-A688-048BBB3993F0", vulnerable: true, }, { criteria: "cpe:2.3:a:pragma_systems:secureshell:2.0:*:*:*:*:*:*:*", matchCriteriaId: "5259078F-BA9C-4EAB-A331-DCA621D187D5", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "58BA8E70-9491-4D4F-9182-2F48347BF6FC", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "833B5B6D-9A6B-4F25-81B0-F27D82940F8D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.", }, ], id: "CVE-2002-1359", lastModified: "2024-11-20T23:41:07.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2002-12-23T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1005812", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1005813", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/6407", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10870", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1005812", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1005813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/6407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10870", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "92F773D2-C79B-4A3C-9C88-9B74698BF3A6", versionEndExcluding: "0.73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*", matchCriteriaId: "0A4D418D-B526-46B9-B439-E1963BF88C0A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.", }, { lang: "es", value: "PuTTY versiones anteriores a 0.73, podría permitir que los servidores remotos SSH-1 causen una denegación de servicio mediante el acceso a ubicaciones de memoria liberadas por medio de un mensaje SSH1_MSG_DISCONNECT.", }, ], id: "CVE-2019-17069", lastModified: "2024-11-21T04:31:38.653", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-01T17:15:10.573", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "8A6D4089-DA56-48A4-8DCB-966EF35CB399", versionEndIncluding: "0.67", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", matchCriteriaId: "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "CF605E46-ADCE-45B3-BBBA-E593D3CEE2A6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.", }, { lang: "es", value: "La función ssh_agent_channel_data en PuTTY en versiones anteriores a 0.68 permite a atacantes remotos tener un impacto no especificado a través de un valor de longitud grande en un mensaje de protocolo de agente y aprovechando la capacidad para conectarse al socket de Unix-domain que representa la conexión de agente reenviada, lo que desencadena un desbordamiento de búfer.", }, ], id: "CVE-2017-6542", lastModified: "2024-11-21T03:29:59.450", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-03-27T17:59:00.850", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97156", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1038067", }, { source: "cve@mitre.org", url: "https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://security.gentoo.org/glsa/201703-03", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201706-09", }, { source: "cve@mitre.org", url: "https://www.exploit-db.com/exploits/42137/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/97156", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1038067", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://security.gentoo.org/glsa/201703-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201706-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/42137/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cisco | ios | 12.0s | |
cisco | ios | 12.0st | |
cisco | ios | 12.1e | |
cisco | ios | 12.1ea | |
cisco | ios | 12.1t | |
cisco | ios | 12.2 | |
cisco | ios | 12.2s | |
cisco | ios | 12.2t | |
fissh | ssh_client | 1.0a_for_windows | |
intersoft | securenetterm | 5.4.1 | |
netcomposite | shellguard_ssh | 3.4.6 | |
pragma_systems | secureshell | 2.0 | |
putty | putty | 0.48 | |
putty | putty | 0.49 | |
putty | putty | 0.53 | |
winscp | winscp | 2.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*", matchCriteriaId: "2C398460-3F38-4AA7-A4B1-FD8A01588DB5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*", matchCriteriaId: "DBEA01D2-B985-4575-AF00-144CE2E3024D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*", matchCriteriaId: "7126E176-D739-4102-8F10-1EEB8C6A219D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1ea:*:*:*:*:*:*:*", matchCriteriaId: "E90C0554-1A50-4341-AB07-80AA854673D5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*", matchCriteriaId: "752C3C6B-910D-4153-A162-DF255F60306B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*", matchCriteriaId: "E4BC49F2-3DCB-45F0-9030-13F6415EE178", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:*", matchCriteriaId: "2D035A35-D53E-4C49-B4E4-F40B85866F27", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*", matchCriteriaId: "84900BB3-B49F-448A-9E04-FE423FBCCC4F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:fissh:ssh_client:1.0a_for_windows:*:*:*:*:*:*:*", matchCriteriaId: "0F994C47-04BA-4286-B206-7EC8844E39A4", vulnerable: true, }, { criteria: "cpe:2.3:a:intersoft:securenetterm:5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "06F753D5-DAAD-491E-8158-1C3CE9C30274", vulnerable: true, }, { criteria: "cpe:2.3:a:netcomposite:shellguard_ssh:3.4.6:*:*:*:*:*:*:*", matchCriteriaId: "B4343CA3-F040-4FBE-A688-048BBB3993F0", vulnerable: true, }, { criteria: "cpe:2.3:a:pragma_systems:secureshell:2.0:*:*:*:*:*:*:*", matchCriteriaId: "5259078F-BA9C-4EAB-A331-DCA621D187D5", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "58BA8E70-9491-4D4F-9182-2F48347BF6FC", vulnerable: true, }, { criteria: "cpe:2.3:a:winscp:winscp:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "833B5B6D-9A6B-4F25-81B0-F27D82940F8D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.", }, ], id: "CVE-2002-1357", lastModified: "2024-11-20T23:41:06.703", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2002-12-23T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1005812", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1005813", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/389665", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/6405", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10868", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1005812", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1005813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/389665", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/6405", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10868", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | * | |
filezilla-project | filezilla_client | * | |
winscp | winscp | * | |
tortoisegit | tortoisegit | * | |
tigris | tortoisesvn | * | |
fedoraproject | fedora | 38 | |
fedoraproject | fedora | 39 | |
fedoraproject | fedora | 40 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "E0D6294C-4365-4187-8053-35F3AAC5229F", versionEndExcluding: "0.81", versionStartIncluding: "0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E9886A-527F-444B-AFB3-33CF777182CC", versionEndExcluding: "3.67.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*", matchCriteriaId: "5DA80FE9-039E-4BF4-AC16-6E65FFAB22A2", versionEndExcluding: "6.3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tortoisegit:tortoisegit:*:*:*:*:*:*:*:*", matchCriteriaId: "A1C171EB-2081-44AC-9017-B3BA3A88B10A", versionEndExcluding: "2.15.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tigris:tortoisesvn:*:*:*:*:*:*:*:*", matchCriteriaId: "26F28A31-E86D-43C1-8043-2B8ECD723AF7", versionEndExcluding: "1.14.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", matchCriteriaId: "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", matchCriteriaId: "CA277A6C-83EC-4536-9125-97B84C4FAF59", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.", }, { lang: "es", value: "En PuTTY 0.68 a 0.80 antes de 0.81, la generación nonce ECDSA sesgada permite a un atacante recuperar la clave secreta NIST P-521 de un usuario mediante un ataque rápido en aproximadamente 60 firmas. Esto es especialmente importante en un escenario en el que un adversario puede leer mensajes firmados por PuTTY o Pageant. El conjunto requerido de mensajes firmados puede ser legible públicamente porque están almacenados en un servicio público Git que admite el uso de SSH para la firma de confirmación, y Pageant realizó las firmas a través de un mecanismo de reenvío de agentes. En otras palabras, es posible que un adversario ya tenga suficiente información de firma para comprometer la clave privada de una víctima, incluso si no se utilizan más versiones vulnerables de PuTTY. Después de un compromiso clave, un adversario puede realizar ataques a la cadena de suministro del software mantenido en Git. Un segundo escenario independiente es que el adversario sea un operador de un servidor SSH en el que la víctima se autentica (para inicio de sesión remoto o copia de archivos), aunque la víctima no confíe plenamente en este servidor y la víctima utilice la misma clave privada. para conexiones SSH a otros servicios operados por otras entidades. Aquí, el operador del servidor fraudulento (que de otro modo no tendría forma de determinar la clave privada de la víctima) puede obtener la clave privada de la víctima y luego usarla para acceder no autorizado a esos otros servicios. Si los otros servicios incluyen servicios Git, nuevamente es posible realizar ataques a la cadena de suministro del software mantenido en Git. Esto también afecta, por ejemplo, a FileZilla anterior a 3.67.0, WinSCP anterior a 6.3.3, TortoiseGit anterior a 2.15.0.1 y TortoiseSVN hasta 1.14.6.", }, ], id: "CVE-2024-31497", lastModified: "2024-11-21T09:13:38.997", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-04-15T20:15:11.077", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2024/04/15/6", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275183", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1222864", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://filezilla-project.org/versions.php", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", ], url: "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/advisories/GHSA-6p4c-r453-8743", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/daedalus/BreakingECDSAwithLLL", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=40044665", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2024-31497", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://tortoisegit.org", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://twitter.com/CCBalert/status/1780229237569470549", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://twitter.com/lambdafu/status/1779969509522133272", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://winscp.net/eng/news.php", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2024/04/15/6", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2024/04/15/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1222864", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://filezilla-project.org/versions.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", ], url: "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/advisories/GHSA-6p4c-r453-8743", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/daedalus/BreakingECDSAwithLLL", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=40044665", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2024-31497", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tortoisegit.org", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://twitter.com/CCBalert/status/1780229237569470549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://twitter.com/lambdafu/status/1779969509522133272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://winscp.net/eng/news.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2024/04/15/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-338", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "92F773D2-C79B-4A3C-9C88-9B74698BF3A6", versionEndExcluding: "0.73", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.", }, { lang: "es", value: "PuTTY versiones anteriores a 0.73 en Windows abre inapropiadamente los sockets de escucha de reenvío de puertos, lo que permite a los atacantes escuchar sobre el mismo puerto para robar una conexión entrante.", }, ], id: "CVE-2019-17067", lastModified: "2024-11-21T04:31:38.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-01T17:15:10.463", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | * | |
fedoraproject | fedora | 28 | |
fedoraproject | fedora | 29 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
netapp | oncommand_unified_manager | - | |
opensuse | leap | 15.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "D2DDD5D1-E291-4420-81CA-3924ACAD80B6", versionEndExcluding: "0.71", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "C18CA4B5-28FD-4199-B1F0-B1E59E920370", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.", }, { lang: "es", value: "Puede ocurrir una sobrescritura de memoria desencadenable remotamente en el intercambio de claves RSA en PuTTY, en versiones anteriores a la 0.71, antes de la verificación de claves del host.", }, ], id: "CVE-2019-9894", lastModified: "2024-11-21T04:52:31.517", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:01:17.733", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4423", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-320", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | * | |
opengroup | unix | - | |
fedoraproject | fedora | 28 | |
fedoraproject | fedora | 29 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "D2DDD5D1-E291-4420-81CA-3924ACAD80B6", versionEndExcluding: "0.71", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*", matchCriteriaId: "6A90CB3A-9BE7-475C-9E75-6ECAD2106302", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.", }, { lang: "es", value: "En PuTTY, en versiones anteriores a la 0.71 en Unix, existe un desbordamiento de búfer desencadenable remotamente en cualquier tipo de redirección servidor-a-cliente.", }, ], id: "CVE-2019-9895", lastModified: "2024-11-21T04:52:31.673", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:01:17.780", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { source: "cve@mitre.org", url: "https://seclists.org/bugtraq/2019/Apr/6", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", url: "https://www.debian.org/security/2019/dsa-4423", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Apr/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4423", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
putty | putty | 0.45 | |
putty | putty | 0.46 | |
putty | putty | 0.47 | |
putty | putty | 0.48 | |
putty | putty | 0.49 | |
putty | putty | 0.50 | |
putty | putty | 0.51 | |
putty | putty | 0.52 | |
putty | putty | 0.53b | |
putty | putty | 0.54 | |
putty | putty | 0.55 | |
putty | putty | 0.56 | |
putty | putty | 0.57 | |
putty | putty | 0.58 | |
putty | putty | 0.59 | |
putty | putty | 0.60 | |
putty | putty | 0.61 | |
simon_tatham | putty | * | |
simon_tatham | putty | 0.53 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:0.45:*:*:*:*:*:*:*", matchCriteriaId: "5D5EB349-B1DF-4CF5-9468-37DC66A929C3", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.46:*:*:*:*:*:*:*", matchCriteriaId: "CF223411-6FA4-43EC-8668-7DB4A98E4DEA", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.47:*:*:*:*:*:*:*", matchCriteriaId: "D0E87C56-DFD9-45D9-9169-3BB94F647F15", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*", matchCriteriaId: "1283B462-042C-4857-A700-4179AAE20E2F", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*", matchCriteriaId: "2791C9DD-F55D-4683-85AF-B6814C34EFBF", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*", matchCriteriaId: "6D7582C1-AA8E-41E4-9D69-9A18A5B76CB0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*", matchCriteriaId: "FC082AE0-C49D-4944-BE76-B751DAD1EF84", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*", matchCriteriaId: "23BAD8E4-2D3A-45EE-A25D-77BD698119BB", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*", matchCriteriaId: "8F7716EC-E0F9-4E50-8351-35D2F248B380", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*", matchCriteriaId: "46C2BD4D-9817-459E-ACF4-9C95233200A2", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*", matchCriteriaId: "22EE5957-76F3-4B20-ADE7-E72D1300A3F0", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.56:*:*:*:*:*:*:*", matchCriteriaId: "826FA7E4-7F48-4D1C-856C-A965527B0950", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.57:*:*:*:*:*:*:*", matchCriteriaId: "AA54ADC7-2A36-40DA-8219-DAA31509E534", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.58:*:*:*:*:*:*:*", matchCriteriaId: "1A14381E-91A1-4902-B409-1281CFA2D561", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*", matchCriteriaId: "8B33EB10-535F-42F2-8F78-CE128A89447C", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*", matchCriteriaId: "218F9EAF-C260-43EC-99C4-EFACA9A1DA8D", vulnerable: true, }, { criteria: "cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*", matchCriteriaId: "5966235B-2F1A-45C5-AF65-99FFFE4725DF", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "3A8E4288-5CEA-42F3-BF6A-FE7D78C907C0", versionEndIncluding: "0.62", vulnerable: true, }, { criteria: "cpe:2.3:a:simon_tatham:putty:0.53:*:*:*:*:*:*:*", matchCriteriaId: "129133D1-B374-4743-9F52-27D0A9558D17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.", }, { lang: "es", value: "La función rsa_verify en PuTTY anterior a 0.63 (1) no limpia de memoria los procesos sensibles después de usarlos y (2)no libera determinadas estructuras que contienen procesos sensibles, lo que podría permitir a usuarios locales descubrir claves privadas RSA y DSA.", }, ], id: "CVE-2013-4208", lastModified: "2024-11-21T01:55:07.970", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-08-19T23:55:08.833", references: [ { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54379", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/54533", }, { source: "secalert@redhat.com", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2013/dsa-2736", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/54379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/54533", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2013/dsa-2736", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2000-0476
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html | mailing-list | |
http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html | mailing-list | |
http://www.securityfocus.com/bid/1298 | vdb-entry | |
http://www.openwall.com/lists/oss-security/2024/06/09/1 | mailing-list | |
http://www.openwall.com/lists/oss-security/2024/06/09/2 | mailing-list |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:21:31.299Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20000601 Re: [rootshell.com] Xterm DoS Attack", tags: [ "mailing-list", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html", }, { name: "20000601 [rootshell.com] Xterm DoS Attack", tags: [ "mailing-list", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html", }, { name: "1298", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/1298", }, { name: "[oss-security] 20240609 vte 0.76.3 released with fix for CVE-2024-37535", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/06/09/1", }, { name: "[oss-security] 20240609 Re: vte 0.76.3 released with fix for CVE-2024-37535", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/06/09/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-06-01T00:00:00", descriptions: [ { lang: "en", value: "xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-10T16:13:15.549161", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20000601 Re: [rootshell.com] Xterm DoS Attack", tags: [ "mailing-list", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html", }, { name: "20000601 [rootshell.com] Xterm DoS Attack", tags: [ "mailing-list", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html", }, { name: "1298", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/1298", }, { name: "[oss-security] 20240609 vte 0.76.3 released with fix for CVE-2024-37535", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/06/09/1", }, { name: "[oss-security] 20240609 Re: vte 0.76.3 released with fix for CVE-2024-37535", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/06/09/2", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0476", datePublished: "2000-07-12T04:00:00", dateReserved: "2000-07-11T00:00:00", dateUpdated: "2024-08-08T05:21:31.299Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17069
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:33:16.479Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { name: "openSUSE-SU-2019:2277", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { name: "openSUSE-SU-2019:2276", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { name: "openSUSE-SU-2019:2292", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-25T22:06:00.991642", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { name: "openSUSE-SU-2019:2277", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { name: "openSUSE-SU-2019:2276", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { name: "openSUSE-SU-2019:2292", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17069", datePublished: "2019-10-01T00:00:00", dateReserved: "2019-10-01T00:00:00", dateUpdated: "2024-08-05T01:33:16.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-0048
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://marc.info/?l=bugtraq&m=104386492422014&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.securitytracker.com/id?1006014 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/6724 | vdb-entry, x_refsource_BID | |
http://www.idefense.com/advisory/01.28.03.txt | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:43:35.440Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104386492422014&w=2", }, { name: "1006014", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1006014", }, { name: "6724", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/6724", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.idefense.com/advisory/01.28.03.txt", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-01-29T00:00:00", descriptions: [ { lang: "en", value: "PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-10-17T13:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104386492422014&w=2", }, { name: "1006014", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1006014", }, { name: "6724", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/6724", }, { tags: [ "x_refsource_MISC", ], url: "http://www.idefense.com/advisory/01.28.03.txt", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0048", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104386492422014&w=2", }, { name: "1006014", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1006014", }, { name: "6724", refsource: "BID", url: "http://www.securityfocus.com/bid/6724", }, { name: "http://www.idefense.com/advisory/01.28.03.txt", refsource: "MISC", url: "http://www.idefense.com/advisory/01.28.03.txt", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0048", datePublished: "2003-02-01T05:00:00", dateReserved: "2003-01-28T00:00:00", dateUpdated: "2024-08-08T01:43:35.440Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-0069
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://marc.info/?l=bugtraq&m=104612710031920&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.iss.net/security_center/static/11414.php | vdb-entry, x_refsource_XF | |
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html | mailing-list, x_refsource_VULNWATCH | |
http://www.osvdb.org/8347 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:43:35.470Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20030224 Terminal Emulator Security Issues", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104612710031920&w=2", }, { name: "terminal-emulator-window-title(11414)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "http://www.iss.net/security_center/static/11414.php", }, { name: "20030224 Terminal Emulator Security Issues", tags: [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html", }, { name: "8347", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/8347", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-02-24T00:00:00", descriptions: [ { lang: "en", value: "The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2009-01-02T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20030224 Terminal Emulator Security Issues", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104612710031920&w=2", }, { name: "terminal-emulator-window-title(11414)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "http://www.iss.net/security_center/static/11414.php", }, { name: "20030224 Terminal Emulator Security Issues", tags: [ "mailing-list", "x_refsource_VULNWATCH", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html", }, { name: "8347", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/8347", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0069", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20030224 Terminal Emulator Security Issues", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104612710031920&w=2", }, { name: "terminal-emulator-window-title(11414)", refsource: "XF", url: "http://www.iss.net/security_center/static/11414.php", }, { name: "20030224 Terminal Emulator Security Issues", refsource: "VULNWATCH", url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html", }, { name: "8347", refsource: "OSVDB", url: "http://www.osvdb.org/8347", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0069", datePublished: "2004-09-01T04:00:00", dateReserved: "2003-02-04T00:00:00", dateUpdated: "2024-08-08T01:43:35.470Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14002
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:32:14.652Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { tags: [ "x_transferred", ], url: "https://lists.tartarus.org/pipermail/putty-announce/", }, { tags: [ "x_transferred", ], url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/", }, { name: "FEDORA-2020-35442ce9b7", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26TACCSQYYCPWAJYNAUIXJGZ5RGORJZV/", }, { name: "FEDORA-2020-f4dba093f1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JPV4A77EDCT4BTFO5BE26ZH72BG4E5IJ/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200717-0003/", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-25T22:06:02.698657", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { url: "https://lists.tartarus.org/pipermail/putty-announce/", }, { url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/", }, { name: "FEDORA-2020-35442ce9b7", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26TACCSQYYCPWAJYNAUIXJGZ5RGORJZV/", }, { name: "FEDORA-2020-f4dba093f1", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JPV4A77EDCT4BTFO5BE26ZH72BG4E5IJ/", }, { url: "https://security.netapp.com/advisory/ntap-20200717-0003/", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14002", datePublished: "2020-06-29T00:00:00", dateReserved: "2020-06-10T00:00:00", dateUpdated: "2024-08-04T12:32:14.652Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-2157
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | x_refsource_CONFIRM | |
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html | vendor-advisory, x_refsource_FEDORA | |
http://www.securityfocus.com/bid/72825 | vdb-entry, x_refsource_BID | |
http://www.debian.org/security/2015/dsa-3190 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2015/02/28/4 | mailing-list, x_refsource_MLIST | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html | x_refsource_CONFIRM | |
http://www.openwall.com/lists/oss-security/2015/02/28/5 | mailing-list, x_refsource_MLIST | |
http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html | vendor-advisory, x_refsource_SUSE | |
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:10:14.276Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2015-3160", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html", }, { name: "72825", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72825", }, { name: "DSA-3190", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3190", }, { name: "FEDORA-2015-3070", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html", }, { name: "[oss-security] 20150228 CVE Request: PuTTY fails to clear private key information from memory", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/02/28/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html", }, { name: "[oss-security] 20150228 Re: CVE Request: PuTTY fails to clear private key information from memory", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/02/28/5", }, { name: "openSUSE-SU-2015:0474", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html", }, { name: "FEDORA-2015-3204", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-28T00:00:00", descriptions: [ { lang: "en", value: "The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-30T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2015-3160", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html", }, { name: "72825", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72825", }, { name: "DSA-3190", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3190", }, { name: "FEDORA-2015-3070", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html", }, { name: "[oss-security] 20150228 CVE Request: PuTTY fails to clear private key information from memory", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/02/28/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html", }, { name: "[oss-security] 20150228 Re: CVE Request: PuTTY fails to clear private key information from memory", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/02/28/5", }, { name: "openSUSE-SU-2015:0474", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html", }, { name: "FEDORA-2015-3204", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-2157", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2015-3160", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html", }, { name: "72825", refsource: "BID", url: "http://www.securityfocus.com/bid/72825", }, { name: "DSA-3190", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3190", }, { name: "FEDORA-2015-3070", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html", }, { name: "[oss-security] 20150228 CVE Request: PuTTY fails to clear private key information from memory", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/02/28/4", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html", }, { name: "[oss-security] 20150228 Re: CVE Request: PuTTY fails to clear private key information from memory", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/02/28/5", }, { name: "openSUSE-SU-2015:0474", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html", }, { name: "FEDORA-2015-3204", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-2157", datePublished: "2015-03-27T14:00:00", dateReserved: "2015-02-28T00:00:00", dateUpdated: "2024-08-06T05:10:14.276Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4206
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.openwall.com/lists/oss-security/2013/08/06/11 | mailing-list, x_refsource_MLIST | |
http://secunia.com/advisories/54533 | third-party-advisory, x_refsource_SECUNIA | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html | x_refsource_CONFIRM | |
http://www.debian.org/security/2013/dsa-2736 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://secunia.com/advisories/54379 | third-party-advisory, x_refsource_SECUNIA | |
http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:38:01.677Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54533", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html", }, { name: "DSA-2736", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54379", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-08-05T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-30T09:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54533", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html", }, { name: "DSA-2736", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54379", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4206", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", refsource: "SECUNIA", url: "http://secunia.com/advisories/54533", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html", }, { name: "DSA-2736", refsource: "DEBIAN", url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", refsource: "SECUNIA", url: "http://secunia.com/advisories/54379", }, { name: "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977", refsource: "CONFIRM", url: "http://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4206", datePublished: "2013-08-19T23:00:00", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:38:01.677Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48795
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:46:27.255Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { tags: [ "x_transferred", ], url: "https://matt.ucc.asn.au/dropbear/CHANGES", }, { tags: [ "x_transferred", ], url: "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", }, { tags: [ "x_transferred", ], url: "https://www.netsarang.com/en/xshell-update-history/", }, { tags: [ "x_transferred", ], url: "https://www.paramiko.org/changelog.html", }, { tags: [ "x_transferred", ], url: "https://www.openssh.com/openbsd.html", }, { tags: [ "x_transferred", ], url: "https://github.com/openssh/openssh-portable/commits/master", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", }, { tags: [ "x_transferred", ], url: "https://www.bitvise.com/ssh-server-version-history", }, { tags: [ "x_transferred", ], url: "https://github.com/ronf/asyncssh/tags", }, { tags: [ "x_transferred", ], url: "https://gitlab.com/libssh/libssh-mirror/-/tags", }, { tags: [ "x_transferred", ], url: "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", }, { tags: [ "x_transferred", ], url: "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", }, { tags: [ "x_transferred", ], url: "https://www.openssh.com/txt/release-9.6", }, { tags: [ "x_transferred", ], url: "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", }, { tags: [ "x_transferred", ], url: "https://www.terrapin-attack.com", }, { tags: [ "x_transferred", ], url: "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", }, { tags: [ "x_transferred", ], url: "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", }, { tags: [ "x_transferred", ], url: "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", }, { tags: [ "x_transferred", ], url: "https://github.com/warp-tech/russh/releases/tag/v0.40.2", }, { tags: [ "x_transferred", ], url: "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2023/12/18/2", }, { tags: [ "x_transferred", ], url: "https://twitter.com/TrueSkrillor/status/1736774389725565005", }, { tags: [ "x_transferred", ], url: "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", }, { tags: [ "x_transferred", ], url: "https://github.com/paramiko/paramiko/issues/2337", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=38684904", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=38685286", }, { name: "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/12/18/3", }, { tags: [ "x_transferred", ], url: "https://github.com/mwiede/jsch/issues/457", }, { tags: [ "x_transferred", ], url: "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", }, { tags: [ "x_transferred", ], url: "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-45x7-px36-x8w8", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/source-package/libssh2", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2023-48795", }, { tags: [ "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1217950", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", }, { tags: [ "x_transferred", ], url: "https://bugs.gentoo.org/920280", }, { tags: [ "x_transferred", ], url: "https://ubuntu.com/security/CVE-2023-48795", }, { tags: [ "x_transferred", ], url: "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2023-48795", }, { tags: [ "x_transferred", ], url: "https://github.com/mwiede/jsch/pull/461", }, { tags: [ "x_transferred", ], url: "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", }, { tags: [ "x_transferred", ], url: "https://github.com/libssh2/libssh2/pull/1291", }, { tags: [ "x_transferred", ], url: "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", }, { tags: [ "x_transferred", ], url: "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", }, { tags: [ "x_transferred", ], url: "https://github.com/rapier1/hpn-ssh/releases", }, { tags: [ "x_transferred", ], url: "https://github.com/proftpd/proftpd/issues/456", }, { tags: [ "x_transferred", ], url: "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", }, { tags: [ "x_transferred", ], url: "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", }, { tags: [ "x_transferred", ], url: "https://oryx-embedded.com/download/#changelog", }, { tags: [ "x_transferred", ], url: "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", }, { tags: [ "x_transferred", ], url: "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", }, { tags: [ "x_transferred", ], url: "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", }, { tags: [ "x_transferred", ], url: "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", }, { tags: [ "x_transferred", ], url: "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", }, { tags: [ "x_transferred", ], url: "https://crates.io/crates/thrussh/versions", }, { tags: [ "x_transferred", ], url: "https://github.com/NixOS/nixpkgs/pull/275249", }, { name: "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/12/19/5", }, { tags: [ "x_transferred", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", }, { tags: [ "x_transferred", ], url: "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", }, { name: "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/12/20/3", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", }, { tags: [ "x_transferred", ], url: "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", }, { tags: [ "x_transferred", ], url: "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/mina-sshd/issues/445", }, { tags: [ "x_transferred", ], url: "https://github.com/hierynomus/sshj/issues/916", }, { tags: [ "x_transferred", ], url: "https://github.com/janmojzis/tinyssh/issues/81", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2023/12/20/3", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", }, { tags: [ "x_transferred", ], url: "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", }, { name: "FEDORA-2023-0733306be9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", }, { name: "DSA-5586", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5586", }, { tags: [ "x_transferred", ], url: "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", }, { tags: [ "x_transferred", ], url: "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", }, { tags: [ "x_transferred", ], url: "https://filezilla-project.org/versions.php", }, { tags: [ "x_transferred", ], url: "https://nova.app/releases/#v11.8", }, { tags: [ "x_transferred", ], url: "https://roumenpetrov.info/secsh/#news20231220", }, { tags: [ "x_transferred", ], url: "https://www.vandyke.com/products/securecrt/history.txt", }, { tags: [ "x_transferred", ], url: "https://help.panic.com/releasenotes/transmit5/", }, { tags: [ "x_transferred", ], url: "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", }, { tags: [ "x_transferred", ], url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", }, { tags: [ "x_transferred", ], url: "https://winscp.net/eng/docs/history#6.2.2", }, { tags: [ "x_transferred", ], url: "https://www.bitvise.com/ssh-client-version-history#933", }, { tags: [ "x_transferred", ], url: "https://github.com/cyd01/KiTTY/issues/520", }, { name: "DSA-5588", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { tags: [ "x_transferred", ], url: "https://github.com/ssh-mitm/ssh-mitm/issues/165", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=38732005", }, { name: "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", }, { name: "GLSA-202312-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-16", }, { name: "GLSA-202312-17", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-17", }, { name: "FEDORA-2023-20feb865d8", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", }, { name: "FEDORA-2023-cb8c606fbb", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", }, { name: "FEDORA-2023-e77300e4b5", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", }, { name: "FEDORA-2023-b87ec6cf47", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", }, { name: "FEDORA-2023-153404713b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240105-0004/", }, { name: "FEDORA-2024-3bb23c77f3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", }, { name: "FEDORA-2023-55800423a8", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", }, { name: "FEDORA-2024-d946b9ad25", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", }, { name: "FEDORA-2024-71c2c6526c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", }, { name: "FEDORA-2024-39a8c72ea9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", }, { name: "FEDORA-2024-ae653fb07b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", }, { name: "FEDORA-2024-2705241461", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", }, { name: "FEDORA-2024-fb32950d11", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", }, { name: "FEDORA-2024-7b08207cdb", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", }, { name: "FEDORA-2024-06ebb70bdd", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", }, { name: "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", }, { name: "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", }, { name: "FEDORA-2024-a53b24023d", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", }, { name: "FEDORA-2024-3fd1bc9276", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT214084", }, { name: "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2024/Mar/21", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { name: "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/8", }, { name: "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/03/06/3", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-01T18:06:23.972272", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { url: "https://matt.ucc.asn.au/dropbear/CHANGES", }, { url: "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", }, { url: "https://www.netsarang.com/en/xshell-update-history/", }, { url: "https://www.paramiko.org/changelog.html", }, { url: "https://www.openssh.com/openbsd.html", }, { url: "https://github.com/openssh/openssh-portable/commits/master", }, { url: "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", }, { url: "https://www.bitvise.com/ssh-server-version-history", }, { url: "https://github.com/ronf/asyncssh/tags", }, { url: "https://gitlab.com/libssh/libssh-mirror/-/tags", }, { url: "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", }, { url: "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", }, { url: "https://www.openssh.com/txt/release-9.6", }, { url: "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", }, { url: "https://www.terrapin-attack.com", }, { url: "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", }, { url: "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", }, { url: "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", }, { url: "https://github.com/warp-tech/russh/releases/tag/v0.40.2", }, { url: "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", }, { url: "https://www.openwall.com/lists/oss-security/2023/12/18/2", }, { url: "https://twitter.com/TrueSkrillor/status/1736774389725565005", }, { url: "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", }, { url: "https://github.com/paramiko/paramiko/issues/2337", }, { url: "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", }, { url: "https://news.ycombinator.com/item?id=38684904", }, { url: "https://news.ycombinator.com/item?id=38685286", }, { name: "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/12/18/3", }, { url: "https://github.com/mwiede/jsch/issues/457", }, { url: "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", }, { url: "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", }, { url: "https://github.com/advisories/GHSA-45x7-px36-x8w8", }, { url: "https://security-tracker.debian.org/tracker/source-package/libssh2", }, { url: "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", }, { url: "https://security-tracker.debian.org/tracker/CVE-2023-48795", }, { url: "https://bugzilla.suse.com/show_bug.cgi?id=1217950", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", }, { url: "https://bugs.gentoo.org/920280", }, { url: "https://ubuntu.com/security/CVE-2023-48795", }, { url: "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", }, { url: "https://access.redhat.com/security/cve/cve-2023-48795", }, { url: "https://github.com/mwiede/jsch/pull/461", }, { url: "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", }, { url: "https://github.com/libssh2/libssh2/pull/1291", }, { url: "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", }, { url: "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", }, { url: "https://github.com/rapier1/hpn-ssh/releases", }, { url: "https://github.com/proftpd/proftpd/issues/456", }, { url: "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", }, { url: "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", }, { url: "https://oryx-embedded.com/download/#changelog", }, { url: "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", }, { url: "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", }, { url: "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", }, { url: "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", }, { url: "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", }, { url: "https://crates.io/crates/thrussh/versions", }, { url: "https://github.com/NixOS/nixpkgs/pull/275249", }, { name: "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/12/19/5", }, { url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", }, { url: "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", }, { name: "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/12/20/3", }, { url: "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", }, { url: "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", }, { url: "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", }, { url: "https://github.com/apache/mina-sshd/issues/445", }, { url: "https://github.com/hierynomus/sshj/issues/916", }, { url: "https://github.com/janmojzis/tinyssh/issues/81", }, { url: "https://www.openwall.com/lists/oss-security/2023/12/20/3", }, { url: "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", }, { url: "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", }, { name: "FEDORA-2023-0733306be9", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", }, { name: "DSA-5586", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5586", }, { url: "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", }, { url: "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", }, { url: "https://filezilla-project.org/versions.php", }, { url: "https://nova.app/releases/#v11.8", }, { url: "https://roumenpetrov.info/secsh/#news20231220", }, { url: "https://www.vandyke.com/products/securecrt/history.txt", }, { url: "https://help.panic.com/releasenotes/transmit5/", }, { url: "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", }, { url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", }, { url: "https://winscp.net/eng/docs/history#6.2.2", }, { url: "https://www.bitvise.com/ssh-client-version-history#933", }, { url: "https://github.com/cyd01/KiTTY/issues/520", }, { name: "DSA-5588", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { url: "https://github.com/ssh-mitm/ssh-mitm/issues/165", }, { url: "https://news.ycombinator.com/item?id=38732005", }, { name: "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", }, { name: "GLSA-202312-16", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202312-16", }, { name: "GLSA-202312-17", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202312-17", }, { name: "FEDORA-2023-20feb865d8", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", }, { name: "FEDORA-2023-cb8c606fbb", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", }, { name: "FEDORA-2023-e77300e4b5", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", }, { name: "FEDORA-2023-b87ec6cf47", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", }, { name: "FEDORA-2023-153404713b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", }, { url: "https://security.netapp.com/advisory/ntap-20240105-0004/", }, { name: "FEDORA-2024-3bb23c77f3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", }, { name: "FEDORA-2023-55800423a8", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", }, { name: "FEDORA-2024-d946b9ad25", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", }, { name: "FEDORA-2024-71c2c6526c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", }, { name: "FEDORA-2024-39a8c72ea9", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", }, { name: "FEDORA-2024-ae653fb07b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", }, { name: "FEDORA-2024-2705241461", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", }, { name: "FEDORA-2024-fb32950d11", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", }, { name: "FEDORA-2024-7b08207cdb", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", }, { name: "FEDORA-2024-06ebb70bdd", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", }, { name: "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", }, { name: "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", }, { name: "FEDORA-2024-a53b24023d", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", }, { name: "FEDORA-2024-3fd1bc9276", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", }, { url: "https://support.apple.com/kb/HT214084", }, { name: "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2024/Mar/21", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { name: "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/8", }, { name: "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/03/06/3", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-48795", datePublished: "2023-12-18T00:00:00", dateReserved: "2023-11-20T00:00:00", dateUpdated: "2024-08-02T21:46:27.255Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17068
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html | vendor-advisory, x_refsource_SUSE | |
https://security.netapp.com/advisory/ntap-20191127-0003/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:33:16.641Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { name: "openSUSE-SU-2019:2277", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { name: "openSUSE-SU-2019:2276", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { name: "openSUSE-SU-2019:2292", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "PuTTY before 0.73 mishandles the \"bracketed paste mode\" protection mechanism, which may allow a session to be affected by malicious clipboard content.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-27T06:06:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { name: "openSUSE-SU-2019:2277", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { name: "openSUSE-SU-2019:2276", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { name: "openSUSE-SU-2019:2292", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-17068", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PuTTY before 0.73 mishandles the \"bracketed paste mode\" protection mechanism, which may allow a session to be affected by malicious clipboard content.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", refsource: "MISC", url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { name: "openSUSE-SU-2019:2277", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", }, { name: "openSUSE-SU-2019:2276", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", }, { name: "openSUSE-SU-2019:2292", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", }, { name: "https://security.netapp.com/advisory/ntap-20191127-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17068", datePublished: "2019-10-01T16:55:28", dateReserved: "2019-10-01T00:00:00", dateUpdated: "2024-08-05T01:33:16.641Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2002-1358
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://securitytracker.com/id?1005812 | vdb-entry, x_refsource_SECTRACK | |
http://www.cert.org/advisories/CA-2002-36.html | third-party-advisory, x_refsource_CERT | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721 | vdb-entry, signature, x_refsource_OVAL | |
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html | mailing-list, x_refsource_VULNWATCH | |
http://securitytracker.com/id?1005813 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T03:19:28.601Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1005812", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "oval:org.mitre.oval:def:5721", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", tags: [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "1005813", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1005813", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2002-12-16T00:00:00", descriptions: [ { lang: "en", value: "Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1005812", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "oval:org.mitre.oval:def:5721", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", tags: [ "mailing-list", "x_refsource_VULNWATCH", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "1005813", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1005813", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2002-1358", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1005812", refsource: "SECTRACK", url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "oval:org.mitre.oval:def:5721", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", refsource: "VULNWATCH", url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "1005813", refsource: "SECTRACK", url: "http://securitytracker.com/id?1005813", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2002-1358", datePublished: "2002-12-17T05:00:00", dateReserved: "2002-12-14T00:00:00", dateUpdated: "2024-08-08T03:19:28.601Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9897
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/ | vendor-advisory, x_refsource_FEDORA | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html | vendor-advisory, x_refsource_SUSE | |
https://seclists.org/bugtraq/2019/Apr/6 | mailing-list, x_refsource_BUGTRAQ | |
https://security.netapp.com/advisory/ntap-20190404-0001/ | x_refsource_CONFIRM | |
https://www.debian.org/security/2019/dsa-4423 | vendor-advisory, x_refsource_DEBIAN | |
https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:01:55.229Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-24T23:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9897", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", refsource: "MISC", url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/6", }, { name: "https://security.netapp.com/advisory/ntap-20190404-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9897", datePublished: "2019-03-21T02:31:46", dateReserved: "2019-03-20T00:00:00", dateUpdated: "2024-08-04T22:01:55.229Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-33500
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | x_refsource_MISC | |
https://docs.ssh-mitm.at/puttydos.html | x_refsource_MISC | |
https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:50:42.977Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://docs.ssh-mitm.at/puttydos.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-21T19:42:26", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { tags: [ "x_refsource_MISC", ], url: "https://docs.ssh-mitm.at/puttydos.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-33500", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", refsource: "MISC", url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "https://docs.ssh-mitm.at/puttydos.html", refsource: "MISC", url: "https://docs.ssh-mitm.at/puttydos.html", }, { name: "https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py", refsource: "MISC", url: "https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-33500", datePublished: "2021-05-21T19:42:26", dateReserved: "2021-05-21T00:00:00", dateUpdated: "2024-08-03T23:50:42.977Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1440
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml | vendor-advisory, x_refsource_GENTOO | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/10850 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/12212/ | third-party-advisory, x_refsource_SECUNIA | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16885 | vdb-entry, x_refsource_XF | |
http://marc.info/?l=bugtraq&m=109167869528138&w=2 | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:53:23.781Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-200408-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "10850", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/10850", }, { name: "12212", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/12212/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html", }, { name: "putty-code-execution(16885)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16885", }, { name: "20040804 CORE-2004-0705: Vulnerabilities in PuTTY and PSCP", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=109167869528138&w=2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-08-04T00:00:00", descriptions: [ { lang: "en", value: "Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, and (2) remote malicious servers to cause a denial of service (client crash) and possibly execute arbitrary code via a large bignum during authentication.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-200408-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "10850", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/10850", }, { name: "12212", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/12212/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html", }, { name: "putty-code-execution(16885)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16885", }, { name: "20040804 CORE-2004-0705: Vulnerabilities in PuTTY and PSCP", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=109167869528138&w=2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1440", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, and (2) remote malicious servers to cause a denial of service (client crash) and possibly execute arbitrary code via a large bignum during authentication.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-200408-04", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "10850", refsource: "BID", url: "http://www.securityfocus.com/bid/10850", }, { name: "12212", refsource: "SECUNIA", url: "http://secunia.com/advisories/12212/", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html", }, { name: "putty-code-execution(16885)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16885", }, { name: "20040804 CORE-2004-0705: Vulnerabilities in PuTTY and PSCP", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=109167869528138&w=2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1440", datePublished: "2005-02-13T05:00:00", dateReserved: "2005-02-13T00:00:00", dateUpdated: "2024-08-08T00:53:23.781Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4852
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/54533 | third-party-advisory, x_refsource_SECUNIA | |
http://secunia.com/advisories/54517 | third-party-advisory, x_refsource_SECUNIA | |
http://winscp.net/tracker/show_bug.cgi?id=1017 | x_refsource_MISC | |
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779 | x_refsource_CONFIRM | |
http://www.search-lab.hu/advisories/secadv-20130722 | x_refsource_MISC | |
http://www.debian.org/security/2013/dsa-2736 | vendor-advisory, x_refsource_DEBIAN | |
http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://secunia.com/advisories/54379 | third-party-advisory, x_refsource_SECUNIA | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:59:40.996Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "54533", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54533", }, { name: "54517", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54517", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://winscp.net/tracker/show_bug.cgi?id=1017", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.search-lab.hu/advisories/secadv-20130722", }, { name: "DSA-2736", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2013/dsa-2736", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896", }, { name: "openSUSE-SU-2013:1347", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54379", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html", }, { name: "openSUSE-SU-2013:1355", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-08-05T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-30T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "54533", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54533", }, { name: "54517", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54517", }, { tags: [ "x_refsource_MISC", ], url: "http://winscp.net/tracker/show_bug.cgi?id=1017", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779", }, { tags: [ "x_refsource_MISC", ], url: "http://www.search-lab.hu/advisories/secadv-20130722", }, { name: "DSA-2736", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2013/dsa-2736", }, { tags: [ "x_refsource_MISC", ], url: "http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896", }, { name: "openSUSE-SU-2013:1347", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54379", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html", }, { name: "openSUSE-SU-2013:1355", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2013-4852", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "54533", refsource: "SECUNIA", url: "http://secunia.com/advisories/54533", }, { name: "54517", refsource: "SECUNIA", url: "http://secunia.com/advisories/54517", }, { name: "http://winscp.net/tracker/show_bug.cgi?id=1017", refsource: "MISC", url: "http://winscp.net/tracker/show_bug.cgi?id=1017", }, { name: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779", refsource: "CONFIRM", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779", }, { name: "http://www.search-lab.hu/advisories/secadv-20130722", refsource: "MISC", url: "http://www.search-lab.hu/advisories/secadv-20130722", }, { name: "DSA-2736", refsource: "DEBIAN", url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896", refsource: "MISC", url: "http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896", }, { name: "openSUSE-SU-2013:1347", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", refsource: "SECUNIA", url: "http://secunia.com/advisories/54379", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html", }, { name: "openSUSE-SU-2013:1355", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00041.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2013-4852", datePublished: "2013-08-19T23:00:00", dateReserved: "2013-07-16T00:00:00", dateUpdated: "2024-08-06T16:59:40.996Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-36367
Vulnerability from cvelistv5
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:putty:putty:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "putty", vendor: "putty", versions: [ { lessThanOrEqual: "0.75", status: "affected", version: "-", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2021-36367", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-02-22T20:07:50.029818Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-345", description: "CWE-345 Insufficient Verification of Data Authenticity", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:13:16.563Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-04T00:54:51.472Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { tags: [ "x_transferred", ], url: "https://git.tartarus.org/?p=simon/putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa", }, { name: "DSA-5588", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-25T22:05:53.574730", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { url: "https://git.tartarus.org/?p=simon/putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa", }, { name: "DSA-5588", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-36367", datePublished: "2021-07-09T00:00:00", dateReserved: "2021-07-09T00:00:00", dateUpdated: "2024-08-04T00:54:51.472Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9894
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/ | vendor-advisory, x_refsource_FEDORA | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html | vendor-advisory, x_refsource_SUSE | |
https://seclists.org/bugtraq/2019/Apr/6 | mailing-list, x_refsource_BUGTRAQ | |
https://security.netapp.com/advisory/ntap-20190404-0001/ | x_refsource_CONFIRM | |
https://www.debian.org/security/2019/dsa-4423 | vendor-advisory, x_refsource_DEBIAN | |
https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:01:55.138Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-24T23:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9894", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", refsource: "MISC", url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/6", }, { name: "https://security.netapp.com/advisory/ntap-20190404-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9894", datePublished: "2019-03-21T02:30:54", dateReserved: "2019-03-20T00:00:00", dateUpdated: "2024-08-04T22:01:55.138Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2002-1360
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://securitytracker.com/id?1005812 | vdb-entry, x_refsource_SECTRACK | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797 | vdb-entry, signature, x_refsource_OVAL | |
http://www.cert.org/advisories/CA-2002-36.html | third-party-advisory, x_refsource_CERT | |
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html | mailing-list, x_refsource_VULNWATCH | |
http://securitytracker.com/id?1005813 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T03:19:28.662Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1005812", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1005812", }, { name: "oval:org.mitre.oval:def:5797", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797", }, { name: "CA-2002-36", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", tags: [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "1005813", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1005813", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2002-12-16T00:00:00", descriptions: [ { lang: "en", value: "Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1005812", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1005812", }, { name: "oval:org.mitre.oval:def:5797", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797", }, { name: "CA-2002-36", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", tags: [ "mailing-list", "x_refsource_VULNWATCH", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "1005813", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1005813", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2002-1360", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1005812", refsource: "SECTRACK", url: "http://securitytracker.com/id?1005812", }, { name: "oval:org.mitre.oval:def:5797", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797", }, { name: "CA-2002-36", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", refsource: "VULNWATCH", url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "1005813", refsource: "SECTRACK", url: "http://securitytracker.com/id?1005813", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2002-1360", datePublished: "2002-12-17T05:00:00", dateReserved: "2002-12-14T00:00:00", dateUpdated: "2024-08-08T03:19:28.662Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2002-1357
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://securitytracker.com/id?1005812 | vdb-entry, x_refsource_SECTRACK | |
http://www.cert.org/advisories/CA-2002-36.html | third-party-advisory, x_refsource_CERT | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849 | vdb-entry, signature, x_refsource_OVAL | |
http://www.kb.cert.org/vuls/id/389665 | third-party-advisory, x_refsource_CERT-VN | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/10868 | vdb-entry, x_refsource_XF | |
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html | mailing-list, x_refsource_VULNWATCH | |
http://www.securityfocus.com/bid/6405 | vdb-entry, x_refsource_BID | |
http://securitytracker.com/id?1005813 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T03:19:28.536Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1005812", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "oval:org.mitre.oval:def:5849", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849", }, { name: "VU#389665", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/389665", }, { name: "ssh-transport-length-bo(10868)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10868", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", tags: [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "6405", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/6405", }, { name: "1005813", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1005813", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2002-12-16T00:00:00", descriptions: [ { lang: "en", value: "Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1005812", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "oval:org.mitre.oval:def:5849", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849", }, { name: "VU#389665", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/389665", }, { name: "ssh-transport-length-bo(10868)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10868", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", tags: [ "mailing-list", "x_refsource_VULNWATCH", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "6405", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/6405", }, { name: "1005813", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1005813", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2002-1357", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1005812", refsource: "SECTRACK", url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "oval:org.mitre.oval:def:5849", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849", }, { name: "VU#389665", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/389665", }, { name: "ssh-transport-length-bo(10868)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10868", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", refsource: "VULNWATCH", url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "6405", refsource: "BID", url: "http://www.securityfocus.com/bid/6405", }, { name: "1005813", refsource: "SECTRACK", url: "http://securitytracker.com/id?1005813", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2002-1357", datePublished: "2002-12-17T05:00:00", dateReserved: "2002-12-14T00:00:00", dateUpdated: "2024-08-08T03:19:28.536Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1008
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414 | x_refsource_CONFIRM | |
http://secunia.com/advisories/13012/ | third-party-advisory, x_refsource_SECUNIA | |
http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/ | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17886 | vdb-entry, x_refsource_XF | |
http://secunia.com/advisories/12987/ | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/bid/11549 | vdb-entry, x_refsource_BID | |
http://marc.info/?l=bugtraq&m=109889312917613&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416 | x_refsource_CONFIRM | |
http://secunia.com/advisories/17214 | third-party-advisory, x_refsource_SECUNIA | |
http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:39:00.884Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { name: "13012", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/13012/", }, { name: "20041027 PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred", ], url: "http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/", }, { name: "putty-ssh2msgdebug-bo(17886)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17886", }, { name: "12987", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/12987/", }, { name: "11549", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/11549", }, { name: "20041027 PuTTY SSH client vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=109889312917613&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { name: "17214", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17214", }, { name: "GLSA-200410-29", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-10-27T00:00:00", descriptions: [ { lang: "en", value: "Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { name: "13012", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/13012/", }, { name: "20041027 PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", ], url: "http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/", }, { name: "putty-ssh2msgdebug-bo(17886)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17886", }, { name: "12987", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/12987/", }, { name: "11549", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/11549", }, { name: "20041027 PuTTY SSH client vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=109889312917613&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { name: "17214", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17214", }, { name: "GLSA-200410-29", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1008", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", refsource: "CONFIRM", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { name: "13012", refsource: "SECUNIA", url: "http://secunia.com/advisories/13012/", }, { name: "20041027 PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability", refsource: "IDEFENSE", url: "http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/", }, { name: "putty-ssh2msgdebug-bo(17886)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17886", }, { name: "12987", refsource: "SECUNIA", url: "http://secunia.com/advisories/12987/", }, { name: "11549", refsource: "BID", url: "http://www.securityfocus.com/bid/11549", }, { name: "20041027 PuTTY SSH client vulnerability", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=109889312917613&w=2", }, { name: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", refsource: "CONFIRM", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { name: "17214", refsource: "SECUNIA", url: "http://secunia.com/advisories/17214", }, { name: "GLSA-200410-29", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1008", datePublished: "2004-12-01T05:00:00", dateReserved: "2004-11-03T00:00:00", dateUpdated: "2024-08-08T00:39:00.884Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-7162
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/24381 | third-party-advisory, x_refsource_SECUNIA | |
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T20:57:40.179Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "24381", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24381", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2007-03-07T21:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "24381", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24381", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-7162", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "24381", refsource: "SECUNIA", url: "http://secunia.com/advisories/24381", }, { name: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804", refsource: "CONFIRM", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-7162", datePublished: "2007-03-07T21:00:00Z", dateReserved: "2007-03-07T00:00:00Z", dateUpdated: "2024-09-16T17:18:10.028Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4207
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.openwall.com/lists/oss-security/2013/08/06/11 | mailing-list, x_refsource_MLIST | |
http://secunia.com/advisories/54533 | third-party-advisory, x_refsource_SECUNIA | |
http://www.debian.org/security/2013/dsa-2736 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html | x_refsource_CONFIRM | |
http://secunia.com/advisories/54379 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:38:01.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54533", }, { name: "DSA-2736", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html", }, { name: "54379", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54379", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-08-05T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-30T09:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54533", }, { name: "DSA-2736", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html", }, { name: "54379", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54379", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4207", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", refsource: "SECUNIA", url: "http://secunia.com/advisories/54533", }, { name: "DSA-2736", refsource: "DEBIAN", url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html", }, { name: "54379", refsource: "SECUNIA", url: "http://secunia.com/advisories/54379", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4207", datePublished: "2013-08-19T23:00:00", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:38:01.696Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4208
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.openwall.com/lists/oss-security/2013/08/06/11 | mailing-list, x_refsource_MLIST | |
http://secunia.com/advisories/54533 | third-party-advisory, x_refsource_SECUNIA | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html | x_refsource_CONFIRM | |
http://www.debian.org/security/2013/dsa-2736 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html | vendor-advisory, x_refsource_SUSE | |
http://secunia.com/advisories/54379 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:38:01.962Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54533", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html", }, { name: "DSA-2736", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/54379", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-08-05T00:00:00", descriptions: [ { lang: "en", value: "The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-30T09:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54533", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html", }, { name: "DSA-2736", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/54379", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-4208", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2013/08/06/11", }, { name: "54533", refsource: "SECUNIA", url: "http://secunia.com/advisories/54533", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html", }, { name: "DSA-2736", refsource: "DEBIAN", url: "http://www.debian.org/security/2013/dsa-2736", }, { name: "openSUSE-SU-2013:1347", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html", }, { name: "54379", refsource: "SECUNIA", url: "http://secunia.com/advisories/54379", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4208", datePublished: "2013-08-19T23:00:00", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:38:01.962Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9895
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/ | vendor-advisory, x_refsource_FEDORA | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html | vendor-advisory, x_refsource_SUSE | |
https://seclists.org/bugtraq/2019/Apr/6 | mailing-list, x_refsource_BUGTRAQ | |
https://security.netapp.com/advisory/ntap-20190404-0001/ | x_refsource_CONFIRM | |
https://www.debian.org/security/2019/dsa-4423 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:01:55.131Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4423", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-05T04:06:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4423", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9895", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", refsource: "MISC", url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "FEDORA-2019-5776dfe300", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "openSUSE-SU-2019:1113", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/6", }, { name: "https://security.netapp.com/advisory/ntap-20190404-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, { name: "DSA-4423", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4423", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9895", datePublished: "2019-03-21T02:31:06", dateReserved: "2019-03-20T00:00:00", dateUpdated: "2024-08-04T22:01:55.131Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-6167
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html | x_refsource_MISC | |
http://www.securitytracker.com/id/1036236 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/archive/1/538848/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:22:20.594Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html", }, { name: "1036236", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036236", }, { name: "20160706 Re: Putty (beta 0.67) DLL Hijacking Vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/538848/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html", }, { name: "1036236", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036236", }, { name: "20160706 Re: Putty (beta 0.67) DLL Hijacking Vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/538848/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-6167", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html", refsource: "MISC", url: "https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.html", }, { name: "1036236", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036236", }, { name: "20160706 Re: Putty (beta 0.67) DLL Hijacking Vulnerability", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/538848/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-6167", datePublished: "2017-01-30T22:00:00", dateReserved: "2016-07-05T00:00:00", dateUpdated: "2024-08-06T01:22:20.594Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9896
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html | vendor-advisory, x_refsource_SUSE | |
https://security.netapp.com/advisory/ntap-20190404-0001/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:01:55.185Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-04T10:06:03", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9896", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", refsource: "MISC", url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "openSUSE-SU-2019:1113", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "https://security.netapp.com/advisory/ntap-20190404-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190404-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9896", datePublished: "2019-03-21T02:31:32", dateReserved: "2019-03-20T00:00:00", dateUpdated: "2024-08-04T22:01:55.185Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-31497
Vulnerability from cvelistv5
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:putty:putty:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "putty", vendor: "putty", versions: [ { lessThan: "0.81", status: "affected", version: "0.68", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-31497", options: [ { Exploitation: "None", }, { Automatable: "No", }, { "Technical Impact": "Partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-19T04:01:10.059065Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:37:17.161Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-19T07:48:01.287Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { tags: [ "x_transferred", ], url: "https://filezilla-project.org/versions.php", }, { tags: [ "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2024/04/15/6", }, { tags: [ "x_transferred", ], url: "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward", }, { tags: [ "x_transferred", ], url: "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=40044665", }, { tags: [ "x_transferred", ], url: "https://winscp.net/eng/news.php", }, { tags: [ "x_transferred", ], url: "https://tortoisegit.org", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-6p4c-r453-8743", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275183", }, { tags: [ "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1222864", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2024-31497", }, { tags: [ "x_transferred", ], url: "https://twitter.com/lambdafu/status/1779969509522133272", }, { tags: [ "x_transferred", ], url: "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git", }, { tags: [ "x_transferred", ], url: "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/", }, { tags: [ "x_transferred", ], url: "https://github.com/daedalus/BreakingECDSAwithLLL", }, { tags: [ "x_transferred", ], url: "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/", }, { tags: [ "x_transferred", ], url: "https://twitter.com/CCBalert/status/1780229237569470549", }, { tags: [ "x_transferred", ], url: "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/", }, { name: "FEDORA-2024-8401d42de6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", }, { name: "FEDORA-2024-ff9a2fb31c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", }, { name: "FEDORA-2024-0489e7ba1e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", }, { name: "FEDORA-2024-08a4a5ead8", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/", }, { name: "FEDORA-2024-cba85cc558", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", }, { name: "[oss-security] 20240415 CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/15/6", }, { name: "[debian-lts-announce] 20240620 [SECURITY] [DLA 3839-1] putty security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html", }, { url: "https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-20T19:05:59.509465", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { url: "https://filezilla-project.org/versions.php", }, { url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html", }, { url: "https://www.openwall.com/lists/oss-security/2024/04/15/6", }, { url: "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward", }, { url: "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty", }, { url: "https://news.ycombinator.com/item?id=40044665", }, { url: "https://winscp.net/eng/news.php", }, { url: "https://tortoisegit.org", }, { url: "https://github.com/advisories/GHSA-6p4c-r453-8743", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275183", }, { url: "https://bugzilla.suse.com/show_bug.cgi?id=1222864", }, { url: "https://security-tracker.debian.org/tracker/CVE-2024-31497", }, { url: "https://twitter.com/lambdafu/status/1779969509522133272", }, { url: "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git", }, { url: "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/", }, { url: "https://github.com/daedalus/BreakingECDSAwithLLL", }, { url: "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/", }, { url: "https://twitter.com/CCBalert/status/1780229237569470549", }, { url: "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/", }, { name: "FEDORA-2024-8401d42de6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", }, { name: "FEDORA-2024-ff9a2fb31c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", }, { name: "FEDORA-2024-0489e7ba1e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", }, { name: "FEDORA-2024-08a4a5ead8", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/", }, { name: "FEDORA-2024-cba85cc558", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", }, { name: "[oss-security] 20240415 CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/04/15/6", }, { name: "[debian-lts-announce] 20240620 [SECURITY] [DLA 3839-1] putty security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-31497", datePublished: "2024-04-15T00:00:00", dateReserved: "2024-04-04T00:00:00", dateUpdated: "2024-08-19T07:48:01.287Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9898
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:01:55.181Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "107523", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107523", }, { name: "FEDORA-2019-5776dfe300", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190329-0002/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190401-0002/", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { name: "DSA-4423", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-24T23:06:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "107523", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107523", }, { name: "FEDORA-2019-5776dfe300", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190329-0002/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190401-0002/", }, { name: "openSUSE-SU-2019:1113", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/6", }, { name: "DSA-4423", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9898", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", refsource: "MISC", url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { name: "107523", refsource: "BID", url: "http://www.securityfocus.com/bid/107523", }, { name: "FEDORA-2019-5776dfe300", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", }, { name: "FEDORA-2019-9e1a1cd634", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", }, { name: "https://security.netapp.com/advisory/ntap-20190329-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190329-0002/", }, { name: "https://security.netapp.com/advisory/ntap-20190401-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190401-0002/", }, { name: "openSUSE-SU-2019:1113", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", }, { name: "openSUSE-SU-2019:1123", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", }, { name: "20190403 [SECURITY] [DSA 4423-1] putty security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/6", }, { name: "DSA-4423", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4423", }, { name: "[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9898", datePublished: "2019-03-21T02:31:58", dateReserved: "2019-03-20T00:00:00", dateUpdated: "2024-08-04T22:01:55.181Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-0467
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/19403 | vdb-entry, x_refsource_XF | |
http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
http://secunia.com/advisories/14333 | third-party-advisory, x_refsource_SECUNIA | |
http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml | vendor-advisory, x_refsource_GENTOO | |
http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416 | x_refsource_CONFIRM | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html | x_refsource_CONFIRM | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html | x_refsource_CONFIRM | |
http://secunia.com/advisories/17214 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:13:54.249Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { name: "putty-sftppktgetstring-bo(19403)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/19403", }, { name: "20050221 Multiple PuTTY SFTP Client Packet Parsing Integer Overflow Vulnerabilities", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred", ], url: "http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities", }, { name: "14333", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/14333", }, { name: "GLSA-200502-28", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html", }, { name: "17214", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17214", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-02-21T00:00:00", descriptions: [ { lang: "en", value: "Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { name: "putty-sftppktgetstring-bo(19403)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/19403", }, { name: "20050221 Multiple PuTTY SFTP Client Packet Parsing Integer Overflow Vulnerabilities", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", ], url: "http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities", }, { name: "14333", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/14333", }, { name: "GLSA-200502-28", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html", }, { name: "17214", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17214", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-0467", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", refsource: "CONFIRM", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414", }, { name: "putty-sftppktgetstring-bo(19403)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/19403", }, { name: "20050221 Multiple PuTTY SFTP Client Packet Parsing Integer Overflow Vulnerabilities", refsource: "IDEFENSE", url: "http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities", }, { name: "14333", refsource: "SECUNIA", url: "http://secunia.com/advisories/14333", }, { name: "GLSA-200502-28", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml", }, { name: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", refsource: "CONFIRM", url: "http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html", }, { name: "17214", refsource: "SECUNIA", url: "http://secunia.com/advisories/17214", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-0467", datePublished: "2005-02-21T05:00:00", dateReserved: "2005-02-18T00:00:00", dateUpdated: "2024-08-07T21:13:54.249Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2002-1359
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://securitytracker.com/id?1005812 | vdb-entry, x_refsource_SECTRACK | |
http://www.cert.org/advisories/CA-2002-36.html | third-party-advisory, x_refsource_CERT | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/10870 | vdb-entry, x_refsource_XF | |
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html | mailing-list, x_refsource_VULNWATCH | |
http://www.securityfocus.com/bid/6407 | vdb-entry, x_refsource_BID | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848 | vdb-entry, signature, x_refsource_OVAL | |
http://securitytracker.com/id?1005813 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T03:19:28.748Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1005812", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "ssh-transport-multiple-bo(10870)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10870", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", tags: [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "6407", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/6407", }, { name: "oval:org.mitre.oval:def:5848", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848", }, { name: "1005813", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1005813", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2002-12-16T00:00:00", descriptions: [ { lang: "en", value: "Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1005812", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "ssh-transport-multiple-bo(10870)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10870", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", tags: [ "mailing-list", "x_refsource_VULNWATCH", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "6407", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/6407", }, { name: "oval:org.mitre.oval:def:5848", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848", }, { name: "1005813", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1005813", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2002-1359", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1005812", refsource: "SECTRACK", url: "http://securitytracker.com/id?1005812", }, { name: "CA-2002-36", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2002-36.html", }, { name: "ssh-transport-multiple-bo(10870)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10870", }, { name: "20021216 R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors", refsource: "VULNWATCH", url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { name: "6407", refsource: "BID", url: "http://www.securityfocus.com/bid/6407", }, { name: "oval:org.mitre.oval:def:5848", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848", }, { name: "1005813", refsource: "SECTRACK", url: "http://securitytracker.com/id?1005813", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2002-1359", datePublished: "2002-12-17T05:00:00", dateReserved: "2002-12-14T00:00:00", dateUpdated: "2024-08-08T03:19:28.748Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17067
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20191127-0003/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:33:16.719Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-27T06:06:08", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-17067", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", refsource: "MISC", url: "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", }, { name: "https://security.netapp.com/advisory/ntap-20191127-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191127-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17067", datePublished: "2019-10-01T16:55:36", dateReserved: "2019-10-01T00:00:00", dateUpdated: "2024-08-05T01:33:16.719Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6542
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/97156 | vdb-entry, x_refsource_BID | |
https://www.exploit-db.com/exploits/42137/ | exploit, x_refsource_EXPLOIT-DB | |
https://security.gentoo.org/glsa/201703-03 | vendor-advisory, x_refsource_GENTOO | |
https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1038067 | vdb-entry, x_refsource_SECTRACK | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/201706-09 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:33:20.175Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "97156", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97156", }, { name: "42137", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/42137/", }, { name: "GLSA-201703-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201703-03", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8", }, { name: "1038067", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038067", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", }, { name: "openSUSE-SU-2017:0741", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html", }, { name: "GLSA-201706-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201706-09", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-03-08T00:00:00", descriptions: [ { lang: "en", value: "The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-12T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "97156", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97156", }, { name: "42137", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/42137/", }, { name: "GLSA-201703-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201703-03", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8", }, { name: "1038067", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038067", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", }, { name: "openSUSE-SU-2017:0741", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html", }, { name: "GLSA-201706-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201706-09", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-6542", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "97156", refsource: "BID", url: "http://www.securityfocus.com/bid/97156", }, { name: "42137", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/42137/", }, { name: "GLSA-201703-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201703-03", }, { name: "https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4ff22863d895cb7ebfced4cf923a012a614adaa8", refsource: "CONFIRM", url: "https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4ff22863d895cb7ebfced4cf923a012a614adaa8", }, { name: "1038067", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038067", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", }, { name: "openSUSE-SU-2017:0741", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html", }, { name: "GLSA-201706-09", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201706-09", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-6542", datePublished: "2017-03-27T17:00:00", dateReserved: "2017-03-08T00:00:00", dateUpdated: "2024-08-05T15:33:20.175Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-4607
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://seclists.org/oss-sec/2011/q4/500 | mailing-list, x_refsource_MLIST | |
http://seclists.org/oss-sec/2011/q4/499 | mailing-list, x_refsource_MLIST | |
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:09:19.403Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20111212 Re: CVE request: putty does not wipe keyboard-interactive replies from memory after authentication", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2011/q4/500", }, { name: "[oss-security] 20111212 CVE request: putty does not wipe keyboard-interactive replies from memory after authentication", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2011/q4/499", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-08-23T16:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20111212 Re: CVE request: putty does not wipe keyboard-interactive replies from memory after authentication", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2011/q4/500", }, { name: "[oss-security] 20111212 CVE request: putty does not wipe keyboard-interactive replies from memory after authentication", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2011/q4/499", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2011-4607", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20111212 Re: CVE request: putty does not wipe keyboard-interactive replies from memory after authentication", refsource: "MLIST", url: "http://seclists.org/oss-sec/2011/q4/500", }, { name: "[oss-security] 20111212 CVE request: putty does not wipe keyboard-interactive replies from memory after authentication", refsource: "MLIST", url: "http://seclists.org/oss-sec/2011/q4/499", }, { name: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html", refsource: "CONFIRM", url: "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2011-4607", datePublished: "2013-08-23T16:00:00Z", dateReserved: "2011-11-29T00:00:00Z", dateUpdated: "2024-09-16T18:04:01.003Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-200212-0625
Vulnerability from variot
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. A vulnerability has been reported for multiple SSH2 vendors. The vulnerability is a result of SSH2 packets containing empty elements/multiple separators. The vulnerability has been reported to affect initialization, key exchange, and negotiation phases of SSH communications. Further details about this vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in BugTraq ID 6397.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations
Original issue date: December 16, 2002 Last revised: -- Source: CERT/CC
A complete revision history is at the end of this file.
I. It provides strong encryption, cryptographic host authentication, and integrity protection.... These vulnerabilities include buffer overflows, and they occur before any user authentication takes place. SSHredder was primarily designed to test key exchange and other processes that are specific to version 2 of the SSH protocol; however, certain classes of tests are also applicable to version 1.
Rapid7 has published a detailed advisory (R7-0009) and the SSHredder test suite.
Common Vulnerabilities and Exposures (CVE) has assigned the following candidate numbers for several classes of tests performed by SSHredder:
* CAN-2002-1357 - incorrect field lengths
* CAN-2002-1358 - lists with empty elements or multiple separators
* CAN-2002-1359 - "classic" buffer overflows
* CAN-2002-1360 - null characters in strings
II. On Microsoft Windows systems, SSH servers commonly run with SYSTEM privileges, and on UNIX systems, SSH daemons typically run with root privileges.
III. Solution
Apply a patch or upgrade
Apply the appropriate patch or upgrade as specified by your vendor. See Appendix A below and the Systems Affected section of VU#389665 for specific information.
Restrict access
Limit access to SSH servers to trusted hosts and networks using firewalls or other packet-filtering systems. Some SSH servers may have the ability to restrict access based on IP addresses, or similar effects may be achieved by using TCP wrappers or other related technology.
SSH clients can reduce the risk of attacks by only connecting to trusted servers by IP address.
While these workarounds will not prevent exploitation of these vulnerabilities, they will make attacks somewhat more difficult, in part by limiting the number of potential sources of attacks.
Appendix A. Vendor Information
This appendix contains information provided by vendors. When vendors report new information, this section is updated and the changes are noted in the revision history. If a vendor is not listed below, we have not received their comments. The Systems Affected section of VU#389665 contains additional vendor status information.
Cisco Systems, Inc.
The official statement regarding this is that we are not
vulnerable.
Cray Inc.
Cray Inc. supports the OpenSSH product through their Cray Open
Software (COS) package. COS 3.3, available the end of December
2002, is not vulnerable. If a site is concerned, they can contact
their local Cray representive to obtain an early copy of the
OpenSSH contained in COS 3.3.
F-Secure
F-Secure SSH products are not exploitable via these attacks. While
F-Secure SSH versions 3.1.0 build 11 and earlier crash on these
malicious packets, we did not find ways to exploit this to gain
unauthorized access or to run arbitrary code. Furthermore, the
crash occurs in a forked process so the denial of service attacks
are not possible.
Fujitsu
Fujitsu's UXP/V OS is not vulnerable because it does not support
SSH.
IBM
IBM's AIX is not vulnerabible to the issues discussed in CERT
Vulnerability Note VU#389665.
lsh
I've now tried the testsuite with the latest stable release of lsh,
lsh-1.4.2. Both the client and the server seem NOT VULNERABLE.
NetScreen Technologies Inc.
Tested latest versions. Not Vulnerable.
OpenSSH
From my testing it seems that the current version of OpenSSH (3.5)
is not vulnerable to these problems, and some limited testing shows
that no version of OpenSSH is vulnerable.
Pragma Systems, Inc.
December 16, 2002
Rapid 7 and CERT Coordination Center Vulnerability report VU#389665
Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a
possible vulnerability with Version 2.0 of Pragma SecureShell.
Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new
Version 3.0, and found that the attacks did cause a memory access
protection fault on Microsoft platforms.
After research, Pragma Systems corrected the problem.
The problem is corrected in Pragma SecureShell Version 3.0. Any
customers with concerns regarding this vulnerability report should
contact Pragma Systems, Inc at support@pragmasys.com for
information on obtaining an upgrade free of charge. Pragma's web
site is located at www.pragmasys.com and the company can be reached
at 1-512-219-7270.
PuTTY
PuTTY 0.53b addresses vulnerabilities discovered by SSHredder.
Appendix B. References
* CERT/CC Vulnerability Note: VU#389665 -
http://www.kb.cert.org/vuls/id/389665
* Rapid 7 Advisory: R7-0009 -
http://www.rapid7.com/advisories/R7-0009.txt
* Rapid 7 SSHredder test suite -
http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666
* IETF Draft: SSH Transport Layer Protocol -
http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.
txt
* IETF Draft: SSH Protocol Architecture -
http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-
13.txt
* Privilege Separated OpenSSH -
http://www.citi.umich.edu/u/provos/ssh/privsep.html
_________________________________________________________________
The CERT Coordination Center thanks Rapid7 for researching and reporting these vulnerabilities. ___________
Author: Art Manion.
This document is available from: http://www.cert.org/advisories/CA-2002-36.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. ___________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
December 16, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/ PlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd yIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3 xazIo8XEipc= =Nj+0 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200212-0625", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ios", scope: "eq", trust: 2.7, vendor: "cisco", version: "12.2", }, { model: "winscp", scope: "eq", trust: 1.6, vendor: "winscp", version: "2.0.0", }, { model: "shellguard ssh", scope: "eq", trust: 1.6, vendor: "netcomposite", version: "3.4.6", }, { model: "securenetterm", scope: "eq", trust: 1.6, vendor: "intersoft", version: "5.4.1", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.2s", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.1ea", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.0st", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.1e", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.2t", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.0s", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.1t", }, { model: "ssh client", scope: "eq", trust: 1, vendor: "fissh", version: "1.0a_for_windows", }, { model: "putty", scope: "eq", trust: 1, vendor: "putty", version: "0.49", }, { model: "secureshell", scope: "eq", trust: 1, vendor: "pragma", version: "2.0", }, { model: "putty", scope: "eq", trust: 1, vendor: "putty", version: "0.48", }, { model: "putty", scope: "eq", trust: 1, vendor: "putty", version: "0.53", }, { model: null, scope: null, trust: 0.8, vendor: "alcatel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "f secure", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "intersoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "juniper", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "nortel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "pragma", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "putty", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "riverstone", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ssh security", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "winscp", version: null, }, { model: "f-secure ssh", scope: "lte", trust: 0.8, vendor: "f secure", version: "3.1.0", }, { model: "ios", scope: "eq", trust: 0.8, vendor: "cisco", version: "12.0", }, { model: "ios", scope: "eq", trust: 0.8, vendor: "cisco", version: "12.1", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.0", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.1", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.2", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.3", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.53", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.49", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.48", }, { model: "systems secureshell", scope: "eq", trust: 0.6, vendor: "pragma", version: "2.0", }, { model: "ssh client for windows a", scope: "eq", trust: 0.6, vendor: "fissh", version: "1.0", }, { model: "tatham putty b", scope: "ne", trust: 0.6, vendor: "simon", version: "0.53", }, { model: "systems secureshell", scope: "ne", trust: 0.6, vendor: "pragma", version: "3.0", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.5", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.4", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.4", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.3", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.3", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2.3", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2.2", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.1", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.1", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.2", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.2", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.1", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.1", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0", }, { model: "lsh", scope: "ne", trust: 0.6, vendor: "lsh", version: "1.5", }, { model: "securenetterm", scope: "ne", trust: 0.6, vendor: "intersoft", version: "5.4.2", }, { model: "winsshd", scope: "ne", trust: 0.6, vendor: "bitvise", version: "3.5", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.3(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.6(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.6(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.5", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(3)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(2)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(2)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.4", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.3", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.2", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.1", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "2.3(5)", }, { model: "ons 15454e optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.14", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.6(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.6(0)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.5", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(3)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(2)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(0)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0(2)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.4", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.3", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.2.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.1.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154542.3(5)", }, { model: "ons ios-based blades", scope: "eq", trust: 0.3, vendor: "cisco", version: "15454", }, { model: "ons metro edge optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "15327", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.14", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.6(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.6(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(3)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(2)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0(2)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.4", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.3", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.2", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.1", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.0", }, { model: "ios 12.2t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.2s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1ea", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1e", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0st", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "securecrt", scope: "ne", trust: 0.3, vendor: "vandyke", version: "3.4.3", }, { model: "vshell", scope: "ne", trust: 0.3, vendor: "van dyke", version: "1.2", }, { model: "ttssh", scope: "ne", trust: 0.3, vendor: "ttssh", version: "1.5.4", }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "BID", id: "6408", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000323", }, { db: "CNNVD", id: "CNNVD-200212-047", }, { db: "NVD", id: "CVE-2002-1358", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:f-secure:f-secure_ssh_server", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:ios", vulnerable: true, }, { cpe22Uri: "cpe:/h:cisco:pix_firewall", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2002-000323", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Rapid 7 Security Advisories※ advisory@rapid7.com", sources: [ { db: "CNNVD", id: "CNNVD-200212-047", }, ], trust: 0.6, }, cve: "CVE-2002-1358", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2002-1358", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2002-1358", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-5743", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "nvd@nist.gov", id: "CVE-2002-1358", trust: 1, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#389665", trust: 0.8, value: "11.04", }, { author: "NVD", id: "CVE-2002-1358", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-200212-047", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-5743", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5743", }, { db: "JVNDB", id: "JVNDB-2002-000323", }, { db: "CNNVD", id: "CNNVD-200212-047", }, { db: "NVD", id: "CVE-2002-1358", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. A vulnerability has been reported for multiple SSH2 vendors. The vulnerability is a result of SSH2 packets containing empty elements/multiple separators. \nThe vulnerability has been reported to affect initialization, key exchange, and negotiation phases of SSH communications. \nFurther details about this vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in BugTraq ID 6397. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\n\nCERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations\n\n Original issue date: December 16, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history is at the end of this file. \n\n\nI. \n It provides strong encryption, cryptographic host authentication,\n and integrity protection.... These vulnerabilities include buffer\n overflows, and they occur before any user authentication takes place. \n SSHredder was primarily designed to test key exchange and other\n processes that are specific to version 2 of the SSH protocol; however,\n certain classes of tests are also applicable to version 1. \n\n Rapid7 has published a detailed advisory (R7-0009) and the SSHredder\n test suite. \n\n Common Vulnerabilities and Exposures (CVE) has assigned the following\n candidate numbers for several classes of tests performed by SSHredder:\n\n * CAN-2002-1357 - incorrect field lengths\n * CAN-2002-1358 - lists with empty elements or multiple separators\n * CAN-2002-1359 - \"classic\" buffer overflows\n * CAN-2002-1360 - null characters in strings\n\n\nII. On\n Microsoft Windows systems, SSH servers commonly run with SYSTEM\n privileges, and on UNIX systems, SSH daemons typically run with root\n privileges. \n\n\nIII. Solution\n\nApply a patch or upgrade\n\n Apply the appropriate patch or upgrade as specified by your vendor. \n See Appendix A below and the Systems Affected section of VU#389665 for\n specific information. \n\nRestrict access\n\n Limit access to SSH servers to trusted hosts and networks using\n firewalls or other packet-filtering systems. Some SSH servers may have\n the ability to restrict access based on IP addresses, or similar\n effects may be achieved by using TCP wrappers or other related\n technology. \n\n SSH clients can reduce the risk of attacks by only connecting to\n trusted servers by IP address. \n\n While these workarounds will not prevent exploitation of these\n vulnerabilities, they will make attacks somewhat more difficult, in\n part by limiting the number of potential sources of attacks. \n\n\nAppendix A. Vendor Information\n\n This appendix contains information provided by vendors. When vendors\n report new information, this section is updated and the changes are\n noted in the revision history. If a vendor is not listed below, we\n have not received their comments. The Systems Affected section of\n VU#389665 contains additional vendor status information. \n\nCisco Systems, Inc. \n\n The official statement regarding this is that we are not\n vulnerable. \n\nCray Inc. \n\n Cray Inc. supports the OpenSSH product through their Cray Open\n Software (COS) package. COS 3.3, available the end of December\n 2002, is not vulnerable. If a site is concerned, they can contact\n their local Cray representive to obtain an early copy of the\n OpenSSH contained in COS 3.3. \n\nF-Secure\n\n F-Secure SSH products are not exploitable via these attacks. While\n F-Secure SSH versions 3.1.0 build 11 and earlier crash on these\n malicious packets, we did not find ways to exploit this to gain\n unauthorized access or to run arbitrary code. Furthermore, the\n crash occurs in a forked process so the denial of service attacks\n are not possible. \n\nFujitsu\n\n Fujitsu's UXP/V OS is not vulnerable because it does not support\n SSH. \n\nIBM\n\n IBM's AIX is not vulnerabible to the issues discussed in CERT\n Vulnerability Note VU#389665. \n\nlsh\n\n I've now tried the testsuite with the latest stable release of lsh,\n lsh-1.4.2. Both the client and the server seem NOT VULNERABLE. \n\nNetScreen Technologies Inc. \n\n Tested latest versions. Not Vulnerable. \n\nOpenSSH\n\n From my testing it seems that the current version of OpenSSH (3.5)\n is not vulnerable to these problems, and some limited testing shows\n that no version of OpenSSH is vulnerable. \n\nPragma Systems, Inc. \n\n December 16, 2002\n\n Rapid 7 and CERT Coordination Center Vulnerability report VU#389665\n\n Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a\n possible vulnerability with Version 2.0 of Pragma SecureShell. \n Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new\n Version 3.0, and found that the attacks did cause a memory access\n protection fault on Microsoft platforms. \n\n After research, Pragma Systems corrected the problem. \n\n The problem is corrected in Pragma SecureShell Version 3.0. Any\n customers with concerns regarding this vulnerability report should\n contact Pragma Systems, Inc at support@pragmasys.com for\n information on obtaining an upgrade free of charge. Pragma's web\n site is located at www.pragmasys.com and the company can be reached\n at 1-512-219-7270. \n\nPuTTY\n\n PuTTY 0.53b addresses vulnerabilities discovered by SSHredder. \n\n\nAppendix B. References\n\n * CERT/CC Vulnerability Note: VU#389665 -\n http://www.kb.cert.org/vuls/id/389665\n * Rapid 7 Advisory: R7-0009 -\n http://www.rapid7.com/advisories/R7-0009.txt\n * Rapid 7 SSHredder test suite -\n http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666\n * IETF Draft: SSH Transport Layer Protocol -\n http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15. \n txt\n * IETF Draft: SSH Protocol Architecture -\n http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-\n 13.txt\n * Privilege Separated OpenSSH -\n http://www.citi.umich.edu/u/provos/ssh/privsep.html\n\n _________________________________________________________________\n\n The CERT Coordination Center thanks Rapid7 for researching and\n reporting these vulnerabilities. \n _________________________________________________________________\n\n Author: Art Manion. \n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-36.html\n ______________________________________________________________________\n\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n _________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright 2002 Carnegie Mellon University. \n\n Revision History\n\n December 16, 2002: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/\nPlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd\nyIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3\nxazIo8XEipc=\n=Nj+0\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2002-1358", }, { db: "CERT/CC", id: "VU#389665", }, { db: "JVNDB", id: "JVNDB-2002-000323", }, { db: "BID", id: "6408", }, { db: "BID", id: "6397", }, { db: "VULHUB", id: "VHN-5743", }, { db: "PACKETSTORM", id: "30625", }, ], trust: 3.06, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2002-1358", trust: 2.8, }, { db: "CERT/CC", id: "VU#389665", trust: 1.7, }, { db: "SECTRACK", id: "1005813", trust: 1.7, }, { db: "SECTRACK", id: "1005812", trust: 1.7, }, { db: "BID", id: "6408", trust: 1.2, }, { db: "BID", id: "6397", trust: 1.1, }, { db: "BID", id: "6407", trust: 0.8, }, { db: "BID", id: "6410", trust: 0.8, }, { db: "BID", id: "6405", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2002-000323", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200212-047", trust: 0.7, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:5721", trust: 0.6, }, { db: "CERT/CC", id: "CA-2002-36", trust: 0.6, }, { db: "VULNWATCH", id: "20021216 R7-0009: VULNERABILITIES IN SSH2 IMPLEMENTATIONS FROM MULTIPLE VENDORS", trust: 0.6, }, { db: "VULHUB", id: "VHN-5743", trust: 0.1, }, { db: "PACKETSTORM", id: "30625", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5743", }, { db: "BID", id: "6408", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000323", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-047", }, { db: "NVD", id: "CVE-2002-1358", }, ], }, id: "VAR-200212-0625", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-5743", }, ], trust: 0.01, }, last_update_date: "2024-11-22T22:51:32.540000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "ssh-packet-suite-vuln", trust: 0.8, url: "http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml", }, { title: "2003120403", trust: 0.8, url: "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120403.shtml", }, { title: "303", trust: 0.8, url: "http://www.ssh.com/company/newsroom/article/303/", }, { title: "ssh-packet-suite-vuln", trust: 0.8, url: "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/ssh-packet-suite-vuln-j.shtml", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2002-000323", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-5743", }, { db: "JVNDB", id: "JVNDB-2002-000323", }, { db: "NVD", id: "CVE-2002-1358", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 4.2, url: "http://www.cert.org/advisories/ca-2002-36.html", }, { trust: 2.7, url: "http://securitytracker.com/id?1005812", }, { trust: 2.7, url: "http://securitytracker.com/id?1005813", }, { trust: 2.7, url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { trust: 2.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5721", }, { trust: 0.9, url: "http://www.rapid7.com/advisories/r7-0009.txt", }, { trust: 0.9, url: "http://www.rapid7.com/perl/downloadrequest.pl?packagechoice=666", }, { trust: 0.9, url: "http://www.citi.umich.edu/u/provos/ssh/privsep.html", }, { trust: 0.9, url: "http://www.kb.cert.org/vuls/id/389665", }, { trust: 0.8, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.txt", }, { trust: 0.8, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-13.txt", }, { trust: 0.8, url: "http://www.ciac.org/ciac/bulletins/n-028.shtml", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1358", }, { trust: 0.8, url: "http://www.jpcert.or.jp/wr/2002/wr025001.txt", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnca-2002-36", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1358", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6407", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6405", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6408", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6397", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6410", }, { trust: 0.6, url: "http://www.f-secure.com/", }, { trust: 0.6, url: "http://www.ssh.com", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5721", }, { trust: 0.3, url: "http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml", }, { trust: 0.3, url: "/archive/1/305241", }, { trust: 0.1, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.", }, { trust: 0.1, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-", }, { trust: 0.1, url: "http://www.cert.org/", }, { trust: 0.1, url: "http://www.cert.org/cert_pgp.key", }, { trust: 0.1, url: "https://www.pragmasys.com", }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5743", }, { db: "BID", id: "6408", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000323", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-047", }, { db: "NVD", id: "CVE-2002-1358", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5743", }, { db: "BID", id: "6408", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000323", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-047", }, { db: "NVD", id: "CVE-2002-1358", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2002-12-16T00:00:00", db: "CERT/CC", id: "VU#389665", }, { date: "2002-12-23T00:00:00", db: "VULHUB", id: "VHN-5743", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6408", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6397", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2002-000323", }, { date: "2002-12-21T10:23:09", db: "PACKETSTORM", id: "30625", }, { date: "2002-12-23T00:00:00", db: "CNNVD", id: "CNNVD-200212-047", }, { date: "2002-12-23T05:00:00", db: "NVD", id: "CVE-2002-1358", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2003-06-18T00:00:00", db: "CERT/CC", id: "VU#389665", }, { date: "2017-10-11T00:00:00", db: "VULHUB", id: "VHN-5743", }, { date: "2009-07-11T19:16:00", db: "BID", id: "6408", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6397", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2002-000323", }, { date: "2009-03-04T00:00:00", db: "CNNVD", id: "CNNVD-200212-047", }, { date: "2024-11-20T23:41:06.857000", db: "NVD", id: "CVE-2002-1358", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-047", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization", sources: [ { db: "CERT/CC", id: "VU#389665", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation", sources: [ { db: "CNNVD", id: "CNNVD-200212-047", }, ], trust: 0.6, }, }
var-200212-0627
Vulnerability from variot
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. ) By sending SSH Cause a server or client to go out of service, and SSH It is possible to execute arbitrary code with the execution authority of the server or client. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. Multiple vendor SSH2 implementations are reported to be prone to issues related to the handling of null characters in strings. These issues may be used to cause unpredictable behavior to occur, such as a denial of service or memory corruption. It is reportedly possible to trigger these conditions prior to authentication. These conditions were discovered during tests of the initialization, key exchange, and negotiation phases (KEX, KEXINIT) of a SSH2 transaction between client and server. These issues are known to affect various client and server implementations of the protocol. Further details about this vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in BugTraq ID 6397.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations
Original issue date: December 16, 2002 Last revised: -- Source: CERT/CC
A complete revision history is at the end of this file.
I. It provides strong encryption, cryptographic host authentication, and integrity protection.... These vulnerabilities include buffer overflows, and they occur before any user authentication takes place. SSHredder was primarily designed to test key exchange and other processes that are specific to version 2 of the SSH protocol; however, certain classes of tests are also applicable to version 1.
Rapid7 has published a detailed advisory (R7-0009) and the SSHredder test suite.
Common Vulnerabilities and Exposures (CVE) has assigned the following candidate numbers for several classes of tests performed by SSHredder:
* CAN-2002-1357 - incorrect field lengths
* CAN-2002-1358 - lists with empty elements or multiple separators
* CAN-2002-1359 - "classic" buffer overflows
* CAN-2002-1360 - null characters in strings
II. On Microsoft Windows systems, SSH servers commonly run with SYSTEM privileges, and on UNIX systems, SSH daemons typically run with root privileges.
III. Solution
Apply a patch or upgrade
Apply the appropriate patch or upgrade as specified by your vendor. See Appendix A below and the Systems Affected section of VU#389665 for specific information.
Restrict access
Limit access to SSH servers to trusted hosts and networks using firewalls or other packet-filtering systems. Some SSH servers may have the ability to restrict access based on IP addresses, or similar effects may be achieved by using TCP wrappers or other related technology.
SSH clients can reduce the risk of attacks by only connecting to trusted servers by IP address.
While these workarounds will not prevent exploitation of these vulnerabilities, they will make attacks somewhat more difficult, in part by limiting the number of potential sources of attacks.
Appendix A. Vendor Information
This appendix contains information provided by vendors. When vendors report new information, this section is updated and the changes are noted in the revision history. If a vendor is not listed below, we have not received their comments. The Systems Affected section of VU#389665 contains additional vendor status information.
Cisco Systems, Inc.
The official statement regarding this is that we are not
vulnerable.
Cray Inc.
Cray Inc. supports the OpenSSH product through their Cray Open
Software (COS) package. COS 3.3, available the end of December
2002, is not vulnerable. If a site is concerned, they can contact
their local Cray representive to obtain an early copy of the
OpenSSH contained in COS 3.3.
F-Secure
F-Secure SSH products are not exploitable via these attacks. While
F-Secure SSH versions 3.1.0 build 11 and earlier crash on these
malicious packets, we did not find ways to exploit this to gain
unauthorized access or to run arbitrary code. Furthermore, the
crash occurs in a forked process so the denial of service attacks
are not possible.
Fujitsu
Fujitsu's UXP/V OS is not vulnerable because it does not support
SSH.
IBM
IBM's AIX is not vulnerabible to the issues discussed in CERT
Vulnerability Note VU#389665.
lsh
I've now tried the testsuite with the latest stable release of lsh,
lsh-1.4.2. Both the client and the server seem NOT VULNERABLE.
NetScreen Technologies Inc.
Tested latest versions. Not Vulnerable.
OpenSSH
From my testing it seems that the current version of OpenSSH (3.5)
is not vulnerable to these problems, and some limited testing shows
that no version of OpenSSH is vulnerable.
Pragma Systems, Inc.
December 16, 2002
Rapid 7 and CERT Coordination Center Vulnerability report VU#389665
Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a
possible vulnerability with Version 2.0 of Pragma SecureShell.
Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new
Version 3.0, and found that the attacks did cause a memory access
protection fault on Microsoft platforms.
After research, Pragma Systems corrected the problem.
The problem is corrected in Pragma SecureShell Version 3.0. Any
customers with concerns regarding this vulnerability report should
contact Pragma Systems, Inc at support@pragmasys.com for
information on obtaining an upgrade free of charge. Pragma's web
site is located at www.pragmasys.com and the company can be reached
at 1-512-219-7270.
PuTTY
PuTTY 0.53b addresses vulnerabilities discovered by SSHredder.
Appendix B. References
* CERT/CC Vulnerability Note: VU#389665 -
http://www.kb.cert.org/vuls/id/389665
* Rapid 7 Advisory: R7-0009 -
http://www.rapid7.com/advisories/R7-0009.txt
* Rapid 7 SSHredder test suite -
http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666
* IETF Draft: SSH Transport Layer Protocol -
http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.
txt
* IETF Draft: SSH Protocol Architecture -
http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-
13.txt
* Privilege Separated OpenSSH -
http://www.citi.umich.edu/u/provos/ssh/privsep.html
_________________________________________________________________
The CERT Coordination Center thanks Rapid7 for researching and reporting these vulnerabilities. ___________
Author: Art Manion.
This document is available from: http://www.cert.org/advisories/CA-2002-36.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. ___________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
December 16, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/ PlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd yIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3 xazIo8XEipc= =Nj+0 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200212-0627", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ios", scope: "eq", trust: 2.8, vendor: "cisco", version: "12.2", }, { model: "securenetterm", scope: "eq", trust: 1.7, vendor: "intersoft", version: "5.4.1", }, { model: "shellguard ssh", scope: "eq", trust: 1.7, vendor: "netcomposite", version: "3.4.6", }, { model: "winscp", scope: "eq", trust: 1.7, vendor: "winscp", version: "2.0.0", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.0s", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.0st", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.1e", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.1ea", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.1t", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.2s", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.2t", }, { model: "secureshell", scope: "eq", trust: 1.1, vendor: "pragma", version: "2.0", }, { model: "putty", scope: "eq", trust: 1.1, vendor: "putty", version: "0.48", }, { model: "putty", scope: "eq", trust: 1.1, vendor: "putty", version: "0.49", }, { model: "putty", scope: "eq", trust: 1.1, vendor: "putty", version: "0.53", }, { model: "ssh client", scope: "eq", trust: 1, vendor: "fissh", version: "1.0a_for_windows", }, { model: null, scope: null, trust: 0.8, vendor: "alcatel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "f secure", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "intersoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "juniper", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "nortel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "pragma", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "putty", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "riverstone", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ssh security", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "winscp", version: null, }, { model: "f-secure ssh", scope: "lte", trust: 0.8, vendor: "f secure", version: "3.1.0", }, { model: "ios", scope: "eq", trust: 0.8, vendor: "cisco", version: "12.0", }, { model: "ios", scope: "eq", trust: 0.8, vendor: "cisco", version: "12.1", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.0", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.1", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.2", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.3", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.53", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.49", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.48", }, { model: "systems secureshell", scope: "eq", trust: 0.6, vendor: "pragma", version: "2.0", }, { model: "ssh client for windows a", scope: "eq", trust: 0.6, vendor: "fissh", version: "1.0", }, { model: "tatham putty b", scope: "ne", trust: 0.6, vendor: "simon", version: "0.53", }, { model: "systems secureshell", scope: "ne", trust: 0.6, vendor: "pragma", version: "3.0", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.5", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.4", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.4", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.3", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.3", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2.3", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2.2", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.1", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.1", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.2", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.2", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.1", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.1", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0", }, { model: "lsh", scope: "ne", trust: 0.6, vendor: "lsh", version: "1.5", }, { model: "securenetterm", scope: "ne", trust: 0.6, vendor: "intersoft", version: "5.4.2", }, { model: "winsshd", scope: "ne", trust: 0.6, vendor: "bitvise", version: "3.5", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.3(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.6(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.6(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.5", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(3)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(2)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(2)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.4", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.3", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.2", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.1", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "2.3(5)", }, { model: "ons 15454e optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.14", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.6(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.6(0)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.5", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(3)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(2)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(0)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0(2)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.4", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.3", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.2.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.1.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154542.3(5)", }, { model: "ons ios-based blades", scope: "eq", trust: 0.3, vendor: "cisco", version: "15454", }, { model: "ons metro edge optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "15327", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.14", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.6(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.6(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(3)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(2)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0(2)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.4", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.3", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.2", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.1", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.0", }, { model: "ios 12.2t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.2s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1ea", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1e", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0st", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "securecrt", scope: "ne", trust: 0.3, vendor: "vandyke", version: "3.4.3", }, { model: "vshell", scope: "ne", trust: 0.3, vendor: "van dyke", version: "1.2", }, { model: "ttssh", scope: "ne", trust: 0.3, vendor: "ttssh", version: "1.5.4", }, { model: "ssh client", scope: "eq", trust: 0.1, vendor: "fissh", version: "1.0a for windows", }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULMON", id: "CVE-2002-1360", }, { db: "BID", id: "6410", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000325", }, { db: "CNNVD", id: "CNNVD-200212-049", }, { db: "NVD", id: "CVE-2002-1360", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:f-secure:f-secure_ssh_server", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:ios", vulnerable: true, }, { cpe22Uri: "cpe:/h:cisco:pix_firewall", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2002-000325", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Rapid 7 Security Advisories※ advisory@rapid7.com", sources: [ { db: "CNNVD", id: "CNNVD-200212-049", }, ], trust: 0.6, }, cve: "CVE-2002-1360", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2002-1360", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2002-1360", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-5745", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "nvd@nist.gov", id: "CVE-2002-1360", trust: 1, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#389665", trust: 0.8, value: "11.04", }, { author: "NVD", id: "CVE-2002-1360", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-200212-049", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-5745", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2002-1360", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5745", }, { db: "VULMON", id: "CVE-2002-1360", }, { db: "JVNDB", id: "JVNDB-2002-000325", }, { db: "CNNVD", id: "CNNVD-200212-049", }, { db: "NVD", id: "CVE-2002-1360", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. ) By sending SSH Cause a server or client to go out of service, and SSH It is possible to execute arbitrary code with the execution authority of the server or client. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. Multiple vendor SSH2 implementations are reported to be prone to issues related to the handling of null characters in strings. These issues may be used to cause unpredictable behavior to occur, such as a denial of service or memory corruption. It is reportedly possible to trigger these conditions prior to authentication. \nThese conditions were discovered during tests of the initialization, key exchange, and negotiation phases (KEX, KEXINIT) of a SSH2 transaction between client and server. These issues are known to affect various client and server implementations of the protocol. \nFurther details about this vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in BugTraq ID 6397. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\n\nCERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations\n\n Original issue date: December 16, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history is at the end of this file. \n\n\nI. \n It provides strong encryption, cryptographic host authentication,\n and integrity protection.... These vulnerabilities include buffer\n overflows, and they occur before any user authentication takes place. \n SSHredder was primarily designed to test key exchange and other\n processes that are specific to version 2 of the SSH protocol; however,\n certain classes of tests are also applicable to version 1. \n\n Rapid7 has published a detailed advisory (R7-0009) and the SSHredder\n test suite. \n\n Common Vulnerabilities and Exposures (CVE) has assigned the following\n candidate numbers for several classes of tests performed by SSHredder:\n\n * CAN-2002-1357 - incorrect field lengths\n * CAN-2002-1358 - lists with empty elements or multiple separators\n * CAN-2002-1359 - \"classic\" buffer overflows\n * CAN-2002-1360 - null characters in strings\n\n\nII. On\n Microsoft Windows systems, SSH servers commonly run with SYSTEM\n privileges, and on UNIX systems, SSH daemons typically run with root\n privileges. \n\n\nIII. Solution\n\nApply a patch or upgrade\n\n Apply the appropriate patch or upgrade as specified by your vendor. \n See Appendix A below and the Systems Affected section of VU#389665 for\n specific information. \n\nRestrict access\n\n Limit access to SSH servers to trusted hosts and networks using\n firewalls or other packet-filtering systems. Some SSH servers may have\n the ability to restrict access based on IP addresses, or similar\n effects may be achieved by using TCP wrappers or other related\n technology. \n\n SSH clients can reduce the risk of attacks by only connecting to\n trusted servers by IP address. \n\n While these workarounds will not prevent exploitation of these\n vulnerabilities, they will make attacks somewhat more difficult, in\n part by limiting the number of potential sources of attacks. \n\n\nAppendix A. Vendor Information\n\n This appendix contains information provided by vendors. When vendors\n report new information, this section is updated and the changes are\n noted in the revision history. If a vendor is not listed below, we\n have not received their comments. The Systems Affected section of\n VU#389665 contains additional vendor status information. \n\nCisco Systems, Inc. \n\n The official statement regarding this is that we are not\n vulnerable. \n\nCray Inc. \n\n Cray Inc. supports the OpenSSH product through their Cray Open\n Software (COS) package. COS 3.3, available the end of December\n 2002, is not vulnerable. If a site is concerned, they can contact\n their local Cray representive to obtain an early copy of the\n OpenSSH contained in COS 3.3. \n\nF-Secure\n\n F-Secure SSH products are not exploitable via these attacks. While\n F-Secure SSH versions 3.1.0 build 11 and earlier crash on these\n malicious packets, we did not find ways to exploit this to gain\n unauthorized access or to run arbitrary code. Furthermore, the\n crash occurs in a forked process so the denial of service attacks\n are not possible. \n\nFujitsu\n\n Fujitsu's UXP/V OS is not vulnerable because it does not support\n SSH. \n\nIBM\n\n IBM's AIX is not vulnerabible to the issues discussed in CERT\n Vulnerability Note VU#389665. \n\nlsh\n\n I've now tried the testsuite with the latest stable release of lsh,\n lsh-1.4.2. Both the client and the server seem NOT VULNERABLE. \n\nNetScreen Technologies Inc. \n\n Tested latest versions. Not Vulnerable. \n\nOpenSSH\n\n From my testing it seems that the current version of OpenSSH (3.5)\n is not vulnerable to these problems, and some limited testing shows\n that no version of OpenSSH is vulnerable. \n\nPragma Systems, Inc. \n\n December 16, 2002\n\n Rapid 7 and CERT Coordination Center Vulnerability report VU#389665\n\n Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a\n possible vulnerability with Version 2.0 of Pragma SecureShell. \n Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new\n Version 3.0, and found that the attacks did cause a memory access\n protection fault on Microsoft platforms. \n\n After research, Pragma Systems corrected the problem. \n\n The problem is corrected in Pragma SecureShell Version 3.0. Any\n customers with concerns regarding this vulnerability report should\n contact Pragma Systems, Inc at support@pragmasys.com for\n information on obtaining an upgrade free of charge. Pragma's web\n site is located at www.pragmasys.com and the company can be reached\n at 1-512-219-7270. \n\nPuTTY\n\n PuTTY 0.53b addresses vulnerabilities discovered by SSHredder. \n\n\nAppendix B. References\n\n * CERT/CC Vulnerability Note: VU#389665 -\n http://www.kb.cert.org/vuls/id/389665\n * Rapid 7 Advisory: R7-0009 -\n http://www.rapid7.com/advisories/R7-0009.txt\n * Rapid 7 SSHredder test suite -\n http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666\n * IETF Draft: SSH Transport Layer Protocol -\n http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15. \n txt\n * IETF Draft: SSH Protocol Architecture -\n http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-\n 13.txt\n * Privilege Separated OpenSSH -\n http://www.citi.umich.edu/u/provos/ssh/privsep.html\n\n _________________________________________________________________\n\n The CERT Coordination Center thanks Rapid7 for researching and\n reporting these vulnerabilities. \n _________________________________________________________________\n\n Author: Art Manion. \n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-36.html\n ______________________________________________________________________\n\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n _________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright 2002 Carnegie Mellon University. \n\n Revision History\n\n December 16, 2002: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/\nPlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd\nyIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3\nxazIo8XEipc=\n=Nj+0\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2002-1360", }, { db: "CERT/CC", id: "VU#389665", }, { db: "JVNDB", id: "JVNDB-2002-000325", }, { db: "BID", id: "6410", }, { db: "BID", id: "6397", }, { db: "VULHUB", id: "VHN-5745", }, { db: "VULMON", id: "CVE-2002-1360", }, { db: "PACKETSTORM", id: "30625", }, ], trust: 3.15, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2002-1360", trust: 2.9, }, { db: "CERT/CC", id: "VU#389665", trust: 1.7, }, { db: "SECTRACK", id: "1005813", trust: 1.7, }, { db: "SECTRACK", id: "1005812", trust: 1.7, }, { db: "BID", id: "6410", trust: 1.2, }, { db: "BID", id: "6397", trust: 1.1, }, { db: "BID", id: "6407", trust: 0.8, }, { db: "BID", id: "6408", trust: 0.8, }, { db: "BID", id: "6405", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2002-000325", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200212-049", trust: 0.7, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:5797", trust: 0.6, }, { db: "CERT/CC", id: "CA-2002-36", trust: 0.6, }, { db: "VULNWATCH", id: "20021216 R7-0009: VULNERABILITIES IN SSH2 IMPLEMENTATIONS FROM MULTIPLE VENDORS", trust: 0.6, }, { db: "VULHUB", id: "VHN-5745", trust: 0.1, }, { db: "VULMON", id: "CVE-2002-1360", trust: 0.1, }, { db: "PACKETSTORM", id: "30625", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5745", }, { db: "VULMON", id: "CVE-2002-1360", }, { db: "BID", id: "6410", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000325", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-049", }, { db: "NVD", id: "CVE-2002-1360", }, ], }, id: "VAR-200212-0627", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-5745", }, ], trust: 0.01, }, last_update_date: "2024-11-22T22:51:32.591000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "ssh-packet-suite-vuln", trust: 0.8, url: "http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml", }, { title: "2003120403", trust: 0.8, url: "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120403.shtml", }, { title: "303", trust: 0.8, url: "http://www.ssh.com/company/newsroom/article/303/", }, { title: "ssh-packet-suite-vuln", trust: 0.8, url: "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/ssh-packet-suite-vuln-j.shtml", }, { title: "Cisco: SSH Malformed Packet Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20021219-ssh-packet", }, { title: "PuTTY", trust: 0.1, url: "https://github.com/kaleShashi/PuTTY ", }, { title: "PuTTy-", trust: 0.1, url: "https://github.com/pbr94/PuTTy- ", }, ], sources: [ { db: "VULMON", id: "CVE-2002-1360", }, { db: "JVNDB", id: "JVNDB-2002-000325", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-5745", }, { db: "JVNDB", id: "JVNDB-2002-000325", }, { db: "NVD", id: "CVE-2002-1360", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 4.3, url: "http://www.cert.org/advisories/ca-2002-36.html", }, { trust: 2.8, url: "http://securitytracker.com/id?1005812", }, { trust: 2.8, url: "http://securitytracker.com/id?1005813", }, { trust: 2.8, url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { trust: 2.2, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5797", }, { trust: 0.9, url: "http://www.rapid7.com/advisories/r7-0009.txt", }, { trust: 0.9, url: "http://www.rapid7.com/perl/downloadrequest.pl?packagechoice=666", }, { trust: 0.9, url: "http://www.citi.umich.edu/u/provos/ssh/privsep.html", }, { trust: 0.9, url: "http://www.kb.cert.org/vuls/id/389665", }, { trust: 0.8, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.txt", }, { trust: 0.8, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-13.txt", }, { trust: 0.8, url: "http://www.ciac.org/ciac/bulletins/n-028.shtml", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1360", }, { trust: 0.8, url: "http://www.jpcert.or.jp/wr/2002/wr025001.txt", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnca-2002-36", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1360", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6410", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6407", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6405", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6408", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6397", }, { trust: 0.6, url: "http://www.f-secure.com/", }, { trust: 0.6, url: "http://www.ssh.com", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5797", }, { trust: 0.3, url: "http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml", }, { trust: 0.3, url: "/archive/1/305241", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/20.html", }, { trust: 0.1, url: "https://www.rapid7.com/db/vulnerabilities/cisco-sshredder-dos", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/kaleshashi/putty", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20021219-ssh-packet", }, { trust: 0.1, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.", }, { trust: 0.1, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-", }, { trust: 0.1, url: "http://www.cert.org/", }, { trust: 0.1, url: "http://www.cert.org/cert_pgp.key", }, { trust: 0.1, url: "https://www.pragmasys.com", }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5745", }, { db: "VULMON", id: "CVE-2002-1360", }, { db: "BID", id: "6410", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000325", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-049", }, { db: "NVD", id: "CVE-2002-1360", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5745", }, { db: "VULMON", id: "CVE-2002-1360", }, { db: "BID", id: "6410", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000325", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-049", }, { db: "NVD", id: "CVE-2002-1360", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2002-12-16T00:00:00", db: "CERT/CC", id: "VU#389665", }, { date: "2002-12-23T00:00:00", db: "VULHUB", id: "VHN-5745", }, { date: "2002-12-23T00:00:00", db: "VULMON", id: "CVE-2002-1360", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6410", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6397", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2002-000325", }, { date: "2002-12-21T10:23:09", db: "PACKETSTORM", id: "30625", }, { date: "2002-12-23T00:00:00", db: "CNNVD", id: "CNNVD-200212-049", }, { date: "2002-12-23T05:00:00", db: "NVD", id: "CVE-2002-1360", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2003-06-18T00:00:00", db: "CERT/CC", id: "VU#389665", }, { date: "2017-10-11T00:00:00", db: "VULHUB", id: "VHN-5745", }, { date: "2017-10-11T00:00:00", db: "VULMON", id: "CVE-2002-1360", }, { date: "2009-07-11T19:16:00", db: "BID", id: "6410", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6397", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2002-000325", }, { date: "2009-03-04T00:00:00", db: "CNNVD", id: "CNNVD-200212-049", }, { date: "2024-11-20T23:41:07.153000", db: "NVD", id: "CVE-2002-1360", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-049", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization", sources: [ { db: "CERT/CC", id: "VU#389665", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation", sources: [ { db: "CNNVD", id: "CNNVD-200212-049", }, ], trust: 0.6, }, }
var-200212-0626
Vulnerability from variot
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. ) By sending SSH Cause a server or client to go out of service, and SSH It is possible to execute arbitrary code with the execution authority of the server or client. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. Multiple vendor SSH2 implementations are reported to be prone to buffer overflows. These buffer overflows are alleged to be exploitable prior to authentication. These conditions were discovered during tests of the initialization, key exchange, and negotiation phases (KEX, KEXINIT) of a SSH2 transaction between client and server. These issues are known to affect various client and server implementations of the protocol. Further details about this vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in BugTraq ID 6397.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations
Original issue date: December 16, 2002 Last revised: -- Source: CERT/CC
A complete revision history is at the end of this file.
I. It provides strong encryption, cryptographic host authentication, and integrity protection.... SSHredder was primarily designed to test key exchange and other processes that are specific to version 2 of the SSH protocol; however, certain classes of tests are also applicable to version 1.
Rapid7 has published a detailed advisory (R7-0009) and the SSHredder test suite.
Common Vulnerabilities and Exposures (CVE) has assigned the following candidate numbers for several classes of tests performed by SSHredder:
* CAN-2002-1357 - incorrect field lengths
* CAN-2002-1358 - lists with empty elements or multiple separators
* CAN-2002-1359 - "classic" buffer overflows
* CAN-2002-1360 - null characters in strings
II. On Microsoft Windows systems, SSH servers commonly run with SYSTEM privileges, and on UNIX systems, SSH daemons typically run with root privileges.
III. Solution
Apply a patch or upgrade
Apply the appropriate patch or upgrade as specified by your vendor. See Appendix A below and the Systems Affected section of VU#389665 for specific information.
Restrict access
Limit access to SSH servers to trusted hosts and networks using firewalls or other packet-filtering systems. Some SSH servers may have the ability to restrict access based on IP addresses, or similar effects may be achieved by using TCP wrappers or other related technology.
SSH clients can reduce the risk of attacks by only connecting to trusted servers by IP address.
While these workarounds will not prevent exploitation of these vulnerabilities, they will make attacks somewhat more difficult, in part by limiting the number of potential sources of attacks.
Appendix A. Vendor Information
This appendix contains information provided by vendors. When vendors report new information, this section is updated and the changes are noted in the revision history. If a vendor is not listed below, we have not received their comments. The Systems Affected section of VU#389665 contains additional vendor status information.
Cisco Systems, Inc.
The official statement regarding this is that we are not
vulnerable.
Cray Inc.
Cray Inc. supports the OpenSSH product through their Cray Open
Software (COS) package. COS 3.3, available the end of December
2002, is not vulnerable. If a site is concerned, they can contact
their local Cray representive to obtain an early copy of the
OpenSSH contained in COS 3.3.
F-Secure
F-Secure SSH products are not exploitable via these attacks. While
F-Secure SSH versions 3.1.0 build 11 and earlier crash on these
malicious packets, we did not find ways to exploit this to gain
unauthorized access or to run arbitrary code. Furthermore, the
crash occurs in a forked process so the denial of service attacks
are not possible.
Fujitsu
Fujitsu's UXP/V OS is not vulnerable because it does not support
SSH.
IBM
IBM's AIX is not vulnerabible to the issues discussed in CERT
Vulnerability Note VU#389665.
lsh
I've now tried the testsuite with the latest stable release of lsh,
lsh-1.4.2. Both the client and the server seem NOT VULNERABLE.
NetScreen Technologies Inc.
Tested latest versions. Not Vulnerable.
OpenSSH
From my testing it seems that the current version of OpenSSH (3.5)
is not vulnerable to these problems, and some limited testing shows
that no version of OpenSSH is vulnerable.
Pragma Systems, Inc.
December 16, 2002
Rapid 7 and CERT Coordination Center Vulnerability report VU#389665
Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a
possible vulnerability with Version 2.0 of Pragma SecureShell.
Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new
Version 3.0, and found that the attacks did cause a memory access
protection fault on Microsoft platforms.
After research, Pragma Systems corrected the problem.
The problem is corrected in Pragma SecureShell Version 3.0. Any
customers with concerns regarding this vulnerability report should
contact Pragma Systems, Inc at support@pragmasys.com for
information on obtaining an upgrade free of charge. Pragma's web
site is located at www.pragmasys.com and the company can be reached
at 1-512-219-7270.
PuTTY
PuTTY 0.53b addresses vulnerabilities discovered by SSHredder.
Appendix B. References
* CERT/CC Vulnerability Note: VU#389665 -
http://www.kb.cert.org/vuls/id/389665
* Rapid 7 Advisory: R7-0009 -
http://www.rapid7.com/advisories/R7-0009.txt
* Rapid 7 SSHredder test suite -
http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666
* IETF Draft: SSH Transport Layer Protocol -
http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.
txt
* IETF Draft: SSH Protocol Architecture -
http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-
13.txt
* Privilege Separated OpenSSH -
http://www.citi.umich.edu/u/provos/ssh/privsep.html
_________________________________________________________________
The CERT Coordination Center thanks Rapid7 for researching and reporting these vulnerabilities. ___________
Author: Art Manion.
This document is available from: http://www.cert.org/advisories/CA-2002-36.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. ___________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
December 16, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/ PlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd yIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3 xazIo8XEipc= =Nj+0 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200212-0626", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ios", scope: "eq", trust: 2.8, vendor: "cisco", version: "12.2", }, { model: "securenetterm", scope: "eq", trust: 1.7, vendor: "intersoft", version: "5.4.1", }, { model: "shellguard ssh", scope: "eq", trust: 1.7, vendor: "netcomposite", version: "3.4.6", }, { model: "winscp", scope: "eq", trust: 1.7, vendor: "winscp", version: "2.0.0", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.0s", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.0st", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.1e", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.1ea", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.1t", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.2s", }, { model: "ios", scope: "eq", trust: 1.7, vendor: "cisco", version: "12.2t", }, { model: "secureshell", scope: "eq", trust: 1.1, vendor: "pragma", version: "2.0", }, { model: "putty", scope: "eq", trust: 1.1, vendor: "putty", version: "0.48", }, { model: "putty", scope: "eq", trust: 1.1, vendor: "putty", version: "0.49", }, { model: "putty", scope: "eq", trust: 1.1, vendor: "putty", version: "0.53", }, { model: "pix firewall", scope: "eq", trust: 1.1, vendor: "cisco", version: "6.2", }, { model: "pix firewall", scope: "eq", trust: 1.1, vendor: "cisco", version: "6.1", }, { model: "pix firewall", scope: "eq", trust: 1.1, vendor: "cisco", version: "6.0", }, { model: "ssh client", scope: "eq", trust: 1, vendor: "fissh", version: "1.0a_for_windows", }, { model: null, scope: null, trust: 0.8, vendor: "alcatel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "f secure", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "intersoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "juniper", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "nortel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "pragma", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "putty", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "riverstone", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ssh security", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "winscp", version: null, }, { model: "f-secure ssh", scope: "lte", trust: 0.8, vendor: "f secure", version: "3.1.0", }, { model: "ios", scope: "eq", trust: 0.8, vendor: "cisco", version: "12.0", }, { model: "ios", scope: "eq", trust: 0.8, vendor: "cisco", version: "12.1", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.3", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.53", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.49", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.48", }, { model: "systems secureshell", scope: "eq", trust: 0.6, vendor: "pragma", version: "2.0", }, { model: "ssh client for windows a", scope: "eq", trust: 0.6, vendor: "fissh", version: "1.0", }, { model: "tatham putty b", scope: "ne", trust: 0.6, vendor: "simon", version: "0.53", }, { model: "systems secureshell", scope: "ne", trust: 0.6, vendor: "pragma", version: "3.0", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.5", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.4", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.4", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.3", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.3", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2.3", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2.2", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.1", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.1", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.2", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.2", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.1", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.1", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0", }, { model: "lsh", scope: "ne", trust: 0.6, vendor: "lsh", version: "1.5", }, { model: "securenetterm", scope: "ne", trust: 0.6, vendor: "intersoft", version: "5.4.2", }, { model: "ios 12.2", scope: "ne", trust: 0.6, vendor: "cisco", version: null, }, { model: "winsshd", scope: "ne", trust: 0.6, vendor: "bitvise", version: "3.5", }, { model: "webns", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.10", }, { model: "webns", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.10.2.06", }, { model: "webns", scope: "eq", trust: 0.3, vendor: "cisco", version: "7.10.1.02", }, { model: "webns", scope: "eq", trust: 0.3, vendor: "cisco", version: "5.20", }, { model: "webns", scope: "eq", trust: 0.3, vendor: "cisco", version: "5.10", }, { model: "webns", scope: "eq", trust: 0.3, vendor: "cisco", version: "5.10.0.10", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.2.2.111", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.2.2", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.2.1", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.2(2)", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.2(1)", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.1.4", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.1.3", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.1(4)", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.1(3)", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.1(2)", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.1(1)", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.0.4", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.0.3", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.0(4)", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.0(2)", }, { model: "pix firewall", scope: "eq", trust: 0.3, vendor: "cisco", version: "6.0(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.3(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.6(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.6(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.5", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(3)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(2)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(2)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.4", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.3", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.2", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.1", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "2.3(5)", }, { model: "ons 15454e optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.14", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.6(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.6(0)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.5", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(3)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(2)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(0)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0(2)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.4", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.3", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.2.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.1.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154542.3(5)", }, { model: "ons ios-based blades", scope: "eq", trust: 0.3, vendor: "cisco", version: "15454", }, { model: "ons metro edge optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "15327", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.14", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.6(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.6(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(3)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(2)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0(2)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.4", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.3", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.2", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.1", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.0", }, { model: "ios 12.2t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.2s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.2 t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.2 s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios", scope: "eq", trust: 0.3, vendor: "cisco", version: "12.2(1)", }, { model: "ios 12.1t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1ea", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1e", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1 e", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1 t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0st", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0 s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0 st", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "firewall services module", scope: "eq", trust: 0.3, vendor: "cisco", version: "2.1(0.208)", }, { model: "aironet 1t", scope: "eq", trust: 0.3, vendor: "cisco", version: "12.0", }, { model: "aironet 0t", scope: "eq", trust: 0.3, vendor: "cisco", version: "12.0", }, { model: "webns .0.06s", scope: "ne", trust: 0.3, vendor: "cisco", version: "7.10", }, { model: "webns .0.06s", scope: "ne", trust: 0.3, vendor: "cisco", version: "5.20", }, { model: "pix firewall", scope: "ne", trust: 0.3, vendor: "cisco", version: "6.3(1)", }, { model: "pix firewall", scope: "ne", trust: 0.3, vendor: "cisco", version: "6.2(3)", }, { model: "pix firewall", scope: "ne", trust: 0.3, vendor: "cisco", version: "6.1(5)", }, { model: "pix firewall", scope: "ne", trust: 0.3, vendor: "cisco", version: "6.0(4.101)", }, { model: "ios 12.2 s", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.2 t1", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.2 t3", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1 e1", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1 ea1c", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1 e3", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0 s2", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0 s4", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0 st6", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0 s6", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0 st7", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "aironet 1t1", scope: "ne", trust: 0.3, vendor: "cisco", version: "12.0", }, { model: "securecrt", scope: "ne", trust: 0.3, vendor: "vandyke", version: "3.4.3", }, { model: "vshell", scope: "ne", trust: 0.3, vendor: "van dyke", version: "1.2", }, { model: "ttssh", scope: "ne", trust: 0.3, vendor: "ttssh", version: "1.5.4", }, { model: "ssh client", scope: "eq", trust: 0.1, vendor: "fissh", version: "1.0a for windows", }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULMON", id: "CVE-2002-1359", }, { db: "BID", id: "6407", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000324", }, { db: "CNNVD", id: "CNNVD-200212-041", }, { db: "NVD", id: "CVE-2002-1359", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:f-secure:f-secure_ssh_server", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:ios", vulnerable: true, }, { cpe22Uri: "cpe:/h:cisco:pix_firewall", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2002-000324", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Rapid 7 Security Advisories※ advisory@rapid7.com", sources: [ { db: "CNNVD", id: "CNNVD-200212-041", }, ], trust: 0.6, }, cve: "CVE-2002-1359", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2002-1359", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2002-1359", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-5744", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "nvd@nist.gov", id: "CVE-2002-1359", trust: 1, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#389665", trust: 0.8, value: "11.04", }, { author: "NVD", id: "CVE-2002-1359", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-200212-041", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-5744", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2002-1359", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5744", }, { db: "VULMON", id: "CVE-2002-1359", }, { db: "JVNDB", id: "JVNDB-2002-000324", }, { db: "CNNVD", id: "CNNVD-200212-041", }, { db: "NVD", id: "CVE-2002-1359", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. ) By sending SSH Cause a server or client to go out of service, and SSH It is possible to execute arbitrary code with the execution authority of the server or client. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. Multiple vendor SSH2 implementations are reported to be prone to buffer overflows. These buffer overflows are alleged to be exploitable prior to authentication. \nThese conditions were discovered during tests of the initialization, key exchange, and negotiation phases (KEX, KEXINIT) of a SSH2 transaction between client and server. These issues are known to affect various client and server implementations of the protocol. \nFurther details about this vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in BugTraq ID 6397. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\n\nCERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations\n\n Original issue date: December 16, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history is at the end of this file. \n\n\nI. \n It provides strong encryption, cryptographic host authentication,\n and integrity protection.... \n SSHredder was primarily designed to test key exchange and other\n processes that are specific to version 2 of the SSH protocol; however,\n certain classes of tests are also applicable to version 1. \n\n Rapid7 has published a detailed advisory (R7-0009) and the SSHredder\n test suite. \n\n Common Vulnerabilities and Exposures (CVE) has assigned the following\n candidate numbers for several classes of tests performed by SSHredder:\n\n * CAN-2002-1357 - incorrect field lengths\n * CAN-2002-1358 - lists with empty elements or multiple separators\n * CAN-2002-1359 - \"classic\" buffer overflows\n * CAN-2002-1360 - null characters in strings\n\n\nII. On\n Microsoft Windows systems, SSH servers commonly run with SYSTEM\n privileges, and on UNIX systems, SSH daemons typically run with root\n privileges. \n\n\nIII. Solution\n\nApply a patch or upgrade\n\n Apply the appropriate patch or upgrade as specified by your vendor. \n See Appendix A below and the Systems Affected section of VU#389665 for\n specific information. \n\nRestrict access\n\n Limit access to SSH servers to trusted hosts and networks using\n firewalls or other packet-filtering systems. Some SSH servers may have\n the ability to restrict access based on IP addresses, or similar\n effects may be achieved by using TCP wrappers or other related\n technology. \n\n SSH clients can reduce the risk of attacks by only connecting to\n trusted servers by IP address. \n\n While these workarounds will not prevent exploitation of these\n vulnerabilities, they will make attacks somewhat more difficult, in\n part by limiting the number of potential sources of attacks. \n\n\nAppendix A. Vendor Information\n\n This appendix contains information provided by vendors. When vendors\n report new information, this section is updated and the changes are\n noted in the revision history. If a vendor is not listed below, we\n have not received their comments. The Systems Affected section of\n VU#389665 contains additional vendor status information. \n\nCisco Systems, Inc. \n\n The official statement regarding this is that we are not\n vulnerable. \n\nCray Inc. \n\n Cray Inc. supports the OpenSSH product through their Cray Open\n Software (COS) package. COS 3.3, available the end of December\n 2002, is not vulnerable. If a site is concerned, they can contact\n their local Cray representive to obtain an early copy of the\n OpenSSH contained in COS 3.3. \n\nF-Secure\n\n F-Secure SSH products are not exploitable via these attacks. While\n F-Secure SSH versions 3.1.0 build 11 and earlier crash on these\n malicious packets, we did not find ways to exploit this to gain\n unauthorized access or to run arbitrary code. Furthermore, the\n crash occurs in a forked process so the denial of service attacks\n are not possible. \n\nFujitsu\n\n Fujitsu's UXP/V OS is not vulnerable because it does not support\n SSH. \n\nIBM\n\n IBM's AIX is not vulnerabible to the issues discussed in CERT\n Vulnerability Note VU#389665. \n\nlsh\n\n I've now tried the testsuite with the latest stable release of lsh,\n lsh-1.4.2. Both the client and the server seem NOT VULNERABLE. \n\nNetScreen Technologies Inc. \n\n Tested latest versions. Not Vulnerable. \n\nOpenSSH\n\n From my testing it seems that the current version of OpenSSH (3.5)\n is not vulnerable to these problems, and some limited testing shows\n that no version of OpenSSH is vulnerable. \n\nPragma Systems, Inc. \n\n December 16, 2002\n\n Rapid 7 and CERT Coordination Center Vulnerability report VU#389665\n\n Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a\n possible vulnerability with Version 2.0 of Pragma SecureShell. \n Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new\n Version 3.0, and found that the attacks did cause a memory access\n protection fault on Microsoft platforms. \n\n After research, Pragma Systems corrected the problem. \n\n The problem is corrected in Pragma SecureShell Version 3.0. Any\n customers with concerns regarding this vulnerability report should\n contact Pragma Systems, Inc at support@pragmasys.com for\n information on obtaining an upgrade free of charge. Pragma's web\n site is located at www.pragmasys.com and the company can be reached\n at 1-512-219-7270. \n\nPuTTY\n\n PuTTY 0.53b addresses vulnerabilities discovered by SSHredder. \n\n\nAppendix B. References\n\n * CERT/CC Vulnerability Note: VU#389665 -\n http://www.kb.cert.org/vuls/id/389665\n * Rapid 7 Advisory: R7-0009 -\n http://www.rapid7.com/advisories/R7-0009.txt\n * Rapid 7 SSHredder test suite -\n http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666\n * IETF Draft: SSH Transport Layer Protocol -\n http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15. \n txt\n * IETF Draft: SSH Protocol Architecture -\n http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-\n 13.txt\n * Privilege Separated OpenSSH -\n http://www.citi.umich.edu/u/provos/ssh/privsep.html\n\n _________________________________________________________________\n\n The CERT Coordination Center thanks Rapid7 for researching and\n reporting these vulnerabilities. \n _________________________________________________________________\n\n Author: Art Manion. \n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-36.html\n ______________________________________________________________________\n\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n _________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright 2002 Carnegie Mellon University. \n\n Revision History\n\n December 16, 2002: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/\nPlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd\nyIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3\nxazIo8XEipc=\n=Nj+0\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2002-1359", }, { db: "CERT/CC", id: "VU#389665", }, { db: "JVNDB", id: "JVNDB-2002-000324", }, { db: "BID", id: "6407", }, { db: "BID", id: "6397", }, { db: "VULHUB", id: "VHN-5744", }, { db: "VULMON", id: "CVE-2002-1359", }, { db: "PACKETSTORM", id: "30625", }, ], trust: 3.15, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=1788", trust: 0.2, type: "exploit", }, { reference: "https://www.scap.org.cn/vuln/vhn-5744", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-5744", }, { db: "VULMON", id: "CVE-2002-1359", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "BID", id: "6407", trust: 2.9, }, { db: "NVD", id: "CVE-2002-1359", trust: 2.9, }, { db: "SECTRACK", id: "1005812", trust: 1.8, }, { db: "SECTRACK", id: "1005813", trust: 1.8, }, { db: "CERT/CC", id: "VU#389665", trust: 1.7, }, { db: "BID", id: "6397", trust: 1.1, }, { db: "BID", id: "6410", trust: 0.8, }, { db: "BID", id: "6408", trust: 0.8, }, { db: "BID", id: "6405", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2002-000324", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200212-041", trust: 0.7, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:5848", trust: 0.6, }, { db: "CERT/CC", id: "CA-2002-36", trust: 0.6, }, { db: "VULNWATCH", id: "20021216 R7-0009: VULNERABILITIES IN SSH2 IMPLEMENTATIONS FROM MULTIPLE VENDORS", trust: 0.6, }, { db: "XF", id: "10870", trust: 0.6, }, { db: "EXPLOIT-DB", id: "1788", trust: 0.2, }, { db: "EXPLOIT-DB", id: "16463", trust: 0.1, }, { db: "PACKETSTORM", id: "83008", trust: 0.1, }, { db: "SEEBUG", id: "SSVID-70977", trust: 0.1, }, { db: "SEEBUG", id: "SSVID-63554", trust: 0.1, }, { db: "VULHUB", id: "VHN-5744", trust: 0.1, }, { db: "VULMON", id: "CVE-2002-1359", trust: 0.1, }, { db: "PACKETSTORM", id: "30625", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5744", }, { db: "VULMON", id: "CVE-2002-1359", }, { db: "BID", id: "6407", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000324", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-041", }, { db: "NVD", id: "CVE-2002-1359", }, ], }, id: "VAR-200212-0626", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-5744", }, ], trust: 0.01, }, last_update_date: "2024-11-22T22:51:32.651000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "ssh-packet-suite-vuln", trust: 0.8, url: "http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml", }, { title: "2003120403", trust: 0.8, url: "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120403.shtml", }, { title: "303", trust: 0.8, url: "http://www.ssh.com/company/newsroom/article/303/", }, { title: "ssh-packet-suite-vuln", trust: 0.8, url: "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/ssh-packet-suite-vuln-j.shtml", }, { title: "Cisco: SSH Malformed Packet Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20021219-ssh-packet", }, { title: "PuTTY", trust: 0.1, url: "https://github.com/kaleShashi/PuTTY ", }, { title: "PuTTy-", trust: 0.1, url: "https://github.com/pbr94/PuTTy- ", }, ], sources: [ { db: "VULMON", id: "CVE-2002-1359", }, { db: "JVNDB", id: "JVNDB-2002-000324", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-5744", }, { db: "JVNDB", id: "JVNDB-2002-000324", }, { db: "NVD", id: "CVE-2002-1359", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 4.3, url: "http://www.cert.org/advisories/ca-2002-36.html", }, { trust: 3.6, url: "http://www.securityfocus.com/bid/6407", }, { trust: 2.8, url: "http://securitytracker.com/id?1005812", }, { trust: 2.8, url: "http://securitytracker.com/id?1005813", }, { trust: 2.8, url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { trust: 2.2, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5848", }, { trust: 2.2, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10870", }, { trust: 0.9, url: "http://www.rapid7.com/advisories/r7-0009.txt", }, { trust: 0.9, url: "http://www.rapid7.com/perl/downloadrequest.pl?packagechoice=666", }, { trust: 0.9, url: "http://www.citi.umich.edu/u/provos/ssh/privsep.html", }, { trust: 0.9, url: "http://www.kb.cert.org/vuls/id/389665", }, { trust: 0.8, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.txt", }, { trust: 0.8, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-13.txt", }, { trust: 0.8, url: "http://www.ciac.org/ciac/bulletins/n-028.shtml", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1359", }, { trust: 0.8, url: "http://www.jpcert.or.jp/wr/2002/wr025001.txt", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnca-2002-36", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1359", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6405", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6408", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6397", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6410", }, { trust: 0.6, url: "http://www.f-secure.com/", }, { trust: 0.6, url: "http://www.ssh.com", }, { trust: 0.6, url: "http://xforce.iss.net/xforce/xfdb/10870", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5848", }, { trust: 0.3, url: "http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml", }, { trust: 0.3, url: "/archive/1/304609", }, { trust: 0.3, url: "/archive/1/305241", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/20.html", }, { trust: 0.1, url: "https://www.rapid7.com/db/vulnerabilities/ssh-pragma-sshredder-overflow", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.rapid7.com/db/modules/exploit/windows/ssh/putty_msg_debug", }, { trust: 0.1, url: "https://www.exploit-db.com/exploits/1788/", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20021219-ssh-packet", }, { trust: 0.1, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.", }, { trust: 0.1, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-", }, { trust: 0.1, url: "http://www.cert.org/", }, { trust: 0.1, url: "http://www.cert.org/cert_pgp.key", }, { trust: 0.1, url: "https://www.pragmasys.com", }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5744", }, { db: "VULMON", id: "CVE-2002-1359", }, { db: "BID", id: "6407", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000324", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-041", }, { db: "NVD", id: "CVE-2002-1359", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5744", }, { db: "VULMON", id: "CVE-2002-1359", }, { db: "BID", id: "6407", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000324", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-041", }, { db: "NVD", id: "CVE-2002-1359", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2002-12-16T00:00:00", db: "CERT/CC", id: "VU#389665", }, { date: "2002-12-23T00:00:00", db: "VULHUB", id: "VHN-5744", }, { date: "2002-12-23T00:00:00", db: "VULMON", id: "CVE-2002-1359", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6407", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6397", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2002-000324", }, { date: "2002-12-21T10:23:09", db: "PACKETSTORM", id: "30625", }, { date: "2002-12-23T00:00:00", db: "CNNVD", id: "CNNVD-200212-041", }, { date: "2002-12-23T05:00:00", db: "NVD", id: "CVE-2002-1359", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2003-06-18T00:00:00", db: "CERT/CC", id: "VU#389665", }, { date: "2017-10-11T00:00:00", db: "VULHUB", id: "VHN-5744", }, { date: "2017-10-11T00:00:00", db: "VULMON", id: "CVE-2002-1359", }, { date: "2009-07-11T19:16:00", db: "BID", id: "6407", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6397", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2002-000324", }, { date: "2009-03-04T00:00:00", db: "CNNVD", id: "CNNVD-200212-041", }, { date: "2024-11-20T23:41:07", db: "NVD", id: "CVE-2002-1359", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-041", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization", sources: [ { db: "CERT/CC", id: "VU#389665", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation", sources: [ { db: "CNNVD", id: "CNNVD-200212-041", }, ], trust: 0.6, }, }
var-200212-0624
Vulnerability from variot
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. ) By sending SSH Cause a server or client to go out of service, and SSH It is possible to execute arbitrary code with the execution authority of the server or client. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. A vulnerability with incorrect lengths of fields in SSH packets has been reported for multiple products that use SSH2 for secure communications. The vulnerability has been reported to affect initialization, key exchange, and negotiation phases of SSH communications. An attacker may exploit the vulnerability to perform denial-of-service attacks against vulnerable systems and possibly to execute malicious, attacker-supplied code. Further details about the vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in Bugtraq ID 6397.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations
Original issue date: December 16, 2002 Last revised: -- Source: CERT/CC
A complete revision history is at the end of this file.
I. It provides strong encryption, cryptographic host authentication, and integrity protection.... These vulnerabilities include buffer overflows, and they occur before any user authentication takes place. SSHredder was primarily designed to test key exchange and other processes that are specific to version 2 of the SSH protocol; however, certain classes of tests are also applicable to version 1.
Rapid7 has published a detailed advisory (R7-0009) and the SSHredder test suite.
Common Vulnerabilities and Exposures (CVE) has assigned the following candidate numbers for several classes of tests performed by SSHredder:
* CAN-2002-1357 - incorrect field lengths
* CAN-2002-1358 - lists with empty elements or multiple separators
* CAN-2002-1359 - "classic" buffer overflows
* CAN-2002-1360 - null characters in strings
II. On Microsoft Windows systems, SSH servers commonly run with SYSTEM privileges, and on UNIX systems, SSH daemons typically run with root privileges.
III. Solution
Apply a patch or upgrade
Apply the appropriate patch or upgrade as specified by your vendor. See Appendix A below and the Systems Affected section of VU#389665 for specific information.
Restrict access
Limit access to SSH servers to trusted hosts and networks using firewalls or other packet-filtering systems. Some SSH servers may have the ability to restrict access based on IP addresses, or similar effects may be achieved by using TCP wrappers or other related technology.
SSH clients can reduce the risk of attacks by only connecting to trusted servers by IP address.
While these workarounds will not prevent exploitation of these vulnerabilities, they will make attacks somewhat more difficult, in part by limiting the number of potential sources of attacks.
Appendix A. Vendor Information
This appendix contains information provided by vendors. When vendors report new information, this section is updated and the changes are noted in the revision history. If a vendor is not listed below, we have not received their comments. The Systems Affected section of VU#389665 contains additional vendor status information.
Cisco Systems, Inc.
The official statement regarding this is that we are not
vulnerable.
Cray Inc.
Cray Inc. supports the OpenSSH product through their Cray Open
Software (COS) package. COS 3.3, available the end of December
2002, is not vulnerable. If a site is concerned, they can contact
their local Cray representive to obtain an early copy of the
OpenSSH contained in COS 3.3.
F-Secure
F-Secure SSH products are not exploitable via these attacks. While
F-Secure SSH versions 3.1.0 build 11 and earlier crash on these
malicious packets, we did not find ways to exploit this to gain
unauthorized access or to run arbitrary code. Furthermore, the
crash occurs in a forked process so the denial of service attacks
are not possible.
Fujitsu
Fujitsu's UXP/V OS is not vulnerable because it does not support
SSH.
IBM
IBM's AIX is not vulnerabible to the issues discussed in CERT
Vulnerability Note VU#389665.
lsh
I've now tried the testsuite with the latest stable release of lsh,
lsh-1.4.2. Both the client and the server seem NOT VULNERABLE.
NetScreen Technologies Inc.
Tested latest versions. Not Vulnerable.
OpenSSH
From my testing it seems that the current version of OpenSSH (3.5)
is not vulnerable to these problems, and some limited testing shows
that no version of OpenSSH is vulnerable.
Pragma Systems, Inc.
December 16, 2002
Rapid 7 and CERT Coordination Center Vulnerability report VU#389665
Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a
possible vulnerability with Version 2.0 of Pragma SecureShell.
Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new
Version 3.0, and found that the attacks did cause a memory access
protection fault on Microsoft platforms.
After research, Pragma Systems corrected the problem.
The problem is corrected in Pragma SecureShell Version 3.0. Any
customers with concerns regarding this vulnerability report should
contact Pragma Systems, Inc at support@pragmasys.com for
information on obtaining an upgrade free of charge. Pragma's web
site is located at www.pragmasys.com and the company can be reached
at 1-512-219-7270.
PuTTY
PuTTY 0.53b addresses vulnerabilities discovered by SSHredder.
Appendix B. References
* CERT/CC Vulnerability Note: VU#389665 -
http://www.kb.cert.org/vuls/id/389665
* Rapid 7 Advisory: R7-0009 -
http://www.rapid7.com/advisories/R7-0009.txt
* Rapid 7 SSHredder test suite -
http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666
* IETF Draft: SSH Transport Layer Protocol -
http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.
txt
* IETF Draft: SSH Protocol Architecture -
http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-
13.txt
* Privilege Separated OpenSSH -
http://www.citi.umich.edu/u/provos/ssh/privsep.html
_________________________________________________________________
The CERT Coordination Center thanks Rapid7 for researching and reporting these vulnerabilities. ___________
Author: Art Manion.
This document is available from: http://www.cert.org/advisories/CA-2002-36.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. ___________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
December 16, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/ PlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd yIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3 xazIo8XEipc= =Nj+0 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200212-0624", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ios", scope: "eq", trust: 2.7, vendor: "cisco", version: "12.2", }, { model: "winscp", scope: "eq", trust: 1.6, vendor: "winscp", version: "2.0.0", }, { model: "shellguard ssh", scope: "eq", trust: 1.6, vendor: "netcomposite", version: "3.4.6", }, { model: "securenetterm", scope: "eq", trust: 1.6, vendor: "intersoft", version: "5.4.1", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.2s", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.1ea", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.0st", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.1e", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.2t", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.0s", }, { model: "ios", scope: "eq", trust: 1.6, vendor: "cisco", version: "12.1t", }, { model: "ssh client", scope: "eq", trust: 1, vendor: "fissh", version: "1.0a_for_windows", }, { model: "putty", scope: "eq", trust: 1, vendor: "putty", version: "0.49", }, { model: "secureshell", scope: "eq", trust: 1, vendor: "pragma", version: "2.0", }, { model: "putty", scope: "eq", trust: 1, vendor: "putty", version: "0.48", }, { model: "putty", scope: "eq", trust: 1, vendor: "putty", version: "0.53", }, { model: null, scope: null, trust: 0.8, vendor: "alcatel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "f secure", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "intersoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "juniper", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "nortel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "pragma", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "putty", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "riverstone", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ssh security", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "winscp", version: null, }, { model: "f-secure ssh", scope: "lte", trust: 0.8, vendor: "f secure", version: "3.1.0", }, { model: "ios", scope: "eq", trust: 0.8, vendor: "cisco", version: "12.0", }, { model: "ios", scope: "eq", trust: 0.8, vendor: "cisco", version: "12.1", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.0", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.1", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.2", }, { model: "pix firewall", scope: "eq", trust: 0.8, vendor: "cisco", version: "6.3", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.53", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.49", }, { model: "tatham putty", scope: "eq", trust: 0.6, vendor: "simon", version: "0.48", }, { model: "systems secureshell", scope: "eq", trust: 0.6, vendor: "pragma", version: "2.0", }, { model: "ssh client for windows a", scope: "eq", trust: 0.6, vendor: "fissh", version: "1.0", }, { model: "tatham putty b", scope: "ne", trust: 0.6, vendor: "simon", version: "0.53", }, { model: "systems secureshell", scope: "ne", trust: 0.6, vendor: "pragma", version: "3.0", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.5", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.4", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.4", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.3", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.3", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2.3", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2.2", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.2", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.1", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.1", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.2", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.2", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.1", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0.1", }, { model: "p1", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0", }, { model: "openssh", scope: "ne", trust: 0.6, vendor: "openssh", version: "3.0", }, { model: "lsh", scope: "ne", trust: 0.6, vendor: "lsh", version: "1.5", }, { model: "securenetterm", scope: "ne", trust: 0.6, vendor: "intersoft", version: "5.4.2", }, { model: "winsshd", scope: "ne", trust: 0.6, vendor: "bitvise", version: "3.5", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.3(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.1", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "156001.0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.6(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.6(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.5", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(3)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(2)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.1(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(2)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(1)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0(0)", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "4.0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.4", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.3", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.2", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "3.1", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "2.3(5)", }, { model: "ons 15454e optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.14", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.6(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.6(0)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.5", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(3)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(2)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1(0)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.1", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0(2)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0(1)", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154544.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.4", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.3", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.2.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.1.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154543.0", }, { model: "ons optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "154542.3(5)", }, { model: "ons ios-based blades", scope: "eq", trust: 0.3, vendor: "cisco", version: "15454", }, { model: "ons metro edge optical transport platform", scope: "eq", trust: 0.3, vendor: "cisco", version: "15327", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.14", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.6(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.6(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(3)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(2)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.1(0)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0(2)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0(1)", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153274.0", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.4", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.3", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.2", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.1", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "153273.0", }, { model: "ios 12.2t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.2s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1t", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1ea", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.1e", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0st", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "ios 12.0s", scope: null, trust: 0.3, vendor: "cisco", version: null, }, { model: "securecrt", scope: "ne", trust: 0.3, vendor: "vandyke", version: "3.4.3", }, { model: "vshell", scope: "ne", trust: 0.3, vendor: "van dyke", version: "1.2", }, { model: "ttssh", scope: "ne", trust: 0.3, vendor: "ttssh", version: "1.5.4", }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "BID", id: "6405", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000322", }, { db: "CNNVD", id: "CNNVD-200212-040", }, { db: "NVD", id: "CVE-2002-1357", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:f-secure:f-secure_ssh_server", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:ios", vulnerable: true, }, { cpe22Uri: "cpe:/h:cisco:pix_firewall", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2002-000322", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Rapid 7 Security Advisories※ advisory@rapid7.com", sources: [ { db: "CNNVD", id: "CNNVD-200212-040", }, ], trust: 0.6, }, cve: "CVE-2002-1357", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2002-1357", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2002-1357", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-5742", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "nvd@nist.gov", id: "CVE-2002-1357", trust: 1, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#389665", trust: 0.8, value: "11.04", }, { author: "NVD", id: "CVE-2002-1357", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-200212-040", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-5742", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2002-1357", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5742", }, { db: "VULMON", id: "CVE-2002-1357", }, { db: "JVNDB", id: "JVNDB-2002-000322", }, { db: "CNNVD", id: "CNNVD-200212-040", }, { db: "NVD", id: "CVE-2002-1357", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. Secure shell (SSH) transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ TCP/IP Used by higher layers SSH The transport layer protocol is SSH This is the protocol that forms the basis of the entire protocol. Key exchange, encryption technology to be used, message authentication algorithm, etc. have been agreed, and functions such as encrypted data transfer and server authentication are provided. Provided by many vendors SSH There is a deficiency in the implementation method in products that implement the protocol. Remote attackers are responsible for various malicious packets that are handled during the initial setup, key exchange, and connection phase related to this protocol. ( Packet length padding Packets with unusual lengths, packets with malformed character strings or values inserted, packets for which the algorithm is not properly defined, etc. ) By sending SSH Cause a server or client to go out of service, and SSH It is possible to execute arbitrary code with the execution authority of the server or client. However, the impact of this issue is provided by each vendor SSH It depends on the product. Details are currently unknown, SSH Communications Security Provided by SSH Secure Shell in the case of, SSH It can lead to server child processes or client crashes. Also F-Secure of F-Secure SSH In the case of, SSH If you use both products as a result, it may cause the server child process to crash, SSH The connection between the server and client may be lost. However, the client can connect by trying to reconnect. At this time, SSH Secure Shell and F-Secure SSH of Windows The effect of the edition is unknown. OpenSSH Is not affected by this issue. Cisco IOS In the case of SSH Because the server is disabled, the default setting is not affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. A vulnerability with incorrect lengths of fields in SSH packets has been reported for multiple products that use SSH2 for secure communications. \nThe vulnerability has been reported to affect initialization, key exchange, and negotiation phases of SSH communications. An attacker may exploit the vulnerability to perform denial-of-service attacks against vulnerable systems and possibly to execute malicious, attacker-supplied code. \nFurther details about the vulnerability are currently unknown. This BID will be updated as more information becomes available. This vulnerability was originally described in Bugtraq ID 6397. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\n\nCERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations\n\n Original issue date: December 16, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history is at the end of this file. \n\n\nI. \n It provides strong encryption, cryptographic host authentication,\n and integrity protection.... These vulnerabilities include buffer\n overflows, and they occur before any user authentication takes place. \n SSHredder was primarily designed to test key exchange and other\n processes that are specific to version 2 of the SSH protocol; however,\n certain classes of tests are also applicable to version 1. \n\n Rapid7 has published a detailed advisory (R7-0009) and the SSHredder\n test suite. \n\n Common Vulnerabilities and Exposures (CVE) has assigned the following\n candidate numbers for several classes of tests performed by SSHredder:\n\n * CAN-2002-1357 - incorrect field lengths\n * CAN-2002-1358 - lists with empty elements or multiple separators\n * CAN-2002-1359 - \"classic\" buffer overflows\n * CAN-2002-1360 - null characters in strings\n\n\nII. On\n Microsoft Windows systems, SSH servers commonly run with SYSTEM\n privileges, and on UNIX systems, SSH daemons typically run with root\n privileges. \n\n\nIII. Solution\n\nApply a patch or upgrade\n\n Apply the appropriate patch or upgrade as specified by your vendor. \n See Appendix A below and the Systems Affected section of VU#389665 for\n specific information. \n\nRestrict access\n\n Limit access to SSH servers to trusted hosts and networks using\n firewalls or other packet-filtering systems. Some SSH servers may have\n the ability to restrict access based on IP addresses, or similar\n effects may be achieved by using TCP wrappers or other related\n technology. \n\n SSH clients can reduce the risk of attacks by only connecting to\n trusted servers by IP address. \n\n While these workarounds will not prevent exploitation of these\n vulnerabilities, they will make attacks somewhat more difficult, in\n part by limiting the number of potential sources of attacks. \n\n\nAppendix A. Vendor Information\n\n This appendix contains information provided by vendors. When vendors\n report new information, this section is updated and the changes are\n noted in the revision history. If a vendor is not listed below, we\n have not received their comments. The Systems Affected section of\n VU#389665 contains additional vendor status information. \n\nCisco Systems, Inc. \n\n The official statement regarding this is that we are not\n vulnerable. \n\nCray Inc. \n\n Cray Inc. supports the OpenSSH product through their Cray Open\n Software (COS) package. COS 3.3, available the end of December\n 2002, is not vulnerable. If a site is concerned, they can contact\n their local Cray representive to obtain an early copy of the\n OpenSSH contained in COS 3.3. \n\nF-Secure\n\n F-Secure SSH products are not exploitable via these attacks. While\n F-Secure SSH versions 3.1.0 build 11 and earlier crash on these\n malicious packets, we did not find ways to exploit this to gain\n unauthorized access or to run arbitrary code. Furthermore, the\n crash occurs in a forked process so the denial of service attacks\n are not possible. \n\nFujitsu\n\n Fujitsu's UXP/V OS is not vulnerable because it does not support\n SSH. \n\nIBM\n\n IBM's AIX is not vulnerabible to the issues discussed in CERT\n Vulnerability Note VU#389665. \n\nlsh\n\n I've now tried the testsuite with the latest stable release of lsh,\n lsh-1.4.2. Both the client and the server seem NOT VULNERABLE. \n\nNetScreen Technologies Inc. \n\n Tested latest versions. Not Vulnerable. \n\nOpenSSH\n\n From my testing it seems that the current version of OpenSSH (3.5)\n is not vulnerable to these problems, and some limited testing shows\n that no version of OpenSSH is vulnerable. \n\nPragma Systems, Inc. \n\n December 16, 2002\n\n Rapid 7 and CERT Coordination Center Vulnerability report VU#389665\n\n Pragma Systems Inc. of Austin, Texas, USA, was notified regarding a\n possible vulnerability with Version 2.0 of Pragma SecureShell. \n Pragma Systems tested Pragma SecureShell 2.0 and the upcoming new\n Version 3.0, and found that the attacks did cause a memory access\n protection fault on Microsoft platforms. \n\n After research, Pragma Systems corrected the problem. \n\n The problem is corrected in Pragma SecureShell Version 3.0. Any\n customers with concerns regarding this vulnerability report should\n contact Pragma Systems, Inc at support@pragmasys.com for\n information on obtaining an upgrade free of charge. Pragma's web\n site is located at www.pragmasys.com and the company can be reached\n at 1-512-219-7270. \n\nPuTTY\n\n PuTTY 0.53b addresses vulnerabilities discovered by SSHredder. \n\n\nAppendix B. References\n\n * CERT/CC Vulnerability Note: VU#389665 -\n http://www.kb.cert.org/vuls/id/389665\n * Rapid 7 Advisory: R7-0009 -\n http://www.rapid7.com/advisories/R7-0009.txt\n * Rapid 7 SSHredder test suite -\n http://www.rapid7.com/perl/DownloadRequest.pl?PackageChoice=666\n * IETF Draft: SSH Transport Layer Protocol -\n http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15. \n txt\n * IETF Draft: SSH Protocol Architecture -\n http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-\n 13.txt\n * Privilege Separated OpenSSH -\n http://www.citi.umich.edu/u/provos/ssh/privsep.html\n\n _________________________________________________________________\n\n The CERT Coordination Center thanks Rapid7 for researching and\n reporting these vulnerabilities. \n _________________________________________________________________\n\n Author: Art Manion. \n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-36.html\n ______________________________________________________________________\n\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n _________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright 2002 Carnegie Mellon University. \n\n Revision History\n\n December 16, 2002: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPf4qimjtSoHZUTs5AQEGbAQAiJcA+QFf2mOElaPIFwEmSRC83xlKifq/\nPlmaGbUx2UnwTIi8s2ETF8KjlfQjjgO20B4ms1MMaJ/heyxklOgpeBOQ2mpa2Tnd\nyIY7sxpBuRjF1qS6yQ8/OrcsSqVxdxZWkPLAypV11WcJlMmSxxLdKi5t86EsWic3\nxazIo8XEipc=\n=Nj+0\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2002-1357", }, { db: "CERT/CC", id: "VU#389665", }, { db: "JVNDB", id: "JVNDB-2002-000322", }, { db: "BID", id: "6405", }, { db: "BID", id: "6397", }, { db: "VULHUB", id: "VHN-5742", }, { db: "VULMON", id: "CVE-2002-1357", }, { db: "PACKETSTORM", id: "30625", }, ], trust: 3.15, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CERT/CC", id: "VU#389665", trust: 3.5, }, { db: "BID", id: "6405", trust: 2.9, }, { db: "NVD", id: "CVE-2002-1357", trust: 2.9, }, { db: "SECTRACK", id: "1005813", trust: 1.7, }, { db: "SECTRACK", id: "1005812", trust: 1.7, }, { db: "BID", id: "6397", trust: 1.1, }, { db: "BID", id: "6410", trust: 0.8, }, { db: "BID", id: "6407", trust: 0.8, }, { db: "BID", id: "6408", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2002-000322", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200212-040", trust: 0.7, }, { db: "CERT/CC", id: "CA-2002-36", trust: 0.6, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:5849", trust: 0.6, }, { db: "VULNWATCH", id: "20021216 R7-0009: VULNERABILITIES IN SSH2 IMPLEMENTATIONS FROM MULTIPLE VENDORS", trust: 0.6, }, { db: "XF", id: "10868", trust: 0.6, }, { db: "VULHUB", id: "VHN-5742", trust: 0.1, }, { db: "VULMON", id: "CVE-2002-1357", trust: 0.1, }, { db: "PACKETSTORM", id: "30625", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5742", }, { db: "VULMON", id: "CVE-2002-1357", }, { db: "BID", id: "6405", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000322", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-040", }, { db: "NVD", id: "CVE-2002-1357", }, ], }, id: "VAR-200212-0624", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-5742", }, ], trust: 0.01, }, last_update_date: "2024-11-22T22:51:32.706000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "ssh-packet-suite-vuln", trust: 0.8, url: "http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml", }, { title: "2003120403", trust: 0.8, url: "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120403.shtml", }, { title: "303", trust: 0.8, url: "http://www.ssh.com/company/newsroom/article/303/", }, { title: "ssh-packet-suite-vuln", trust: 0.8, url: "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/ssh-packet-suite-vuln-j.shtml", }, { title: "Cisco: SSH Malformed Packet Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20021219-ssh-packet", }, { title: "PuTTy-", trust: 0.1, url: "https://github.com/pbr94/PuTTy- ", }, ], sources: [ { db: "VULMON", id: "CVE-2002-1357", }, { db: "JVNDB", id: "JVNDB-2002-000322", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-5742", }, { db: "JVNDB", id: "JVNDB-2002-000322", }, { db: "NVD", id: "CVE-2002-1357", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 4.3, url: "http://www.cert.org/advisories/ca-2002-36.html", }, { trust: 3.8, url: "http://www.kb.cert.org/vuls/id/389665", }, { trust: 3.6, url: "http://www.securityfocus.com/bid/6405", }, { trust: 2.8, url: "http://securitytracker.com/id?1005812", }, { trust: 2.8, url: "http://securitytracker.com/id?1005813", }, { trust: 2.8, url: "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html", }, { trust: 2.2, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5849", }, { trust: 2.2, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/10868", }, { trust: 0.9, url: "http://www.rapid7.com/advisories/r7-0009.txt", }, { trust: 0.9, url: "http://www.rapid7.com/perl/downloadrequest.pl?packagechoice=666", }, { trust: 0.9, url: "http://www.citi.umich.edu/u/provos/ssh/privsep.html", }, { trust: 0.8, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.txt", }, { trust: 0.8, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-13.txt", }, { trust: 0.8, url: "http://www.ciac.org/ciac/bulletins/n-028.shtml", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1357", }, { trust: 0.8, url: "http://www.jpcert.or.jp/wr/2002/wr025001.txt", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnca-2002-36", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1357", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6407", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6408", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6397", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/6410", }, { trust: 0.6, url: "http://www.f-secure.com/", }, { trust: 0.6, url: "http://www.ssh.com", }, { trust: 0.6, url: "http://xforce.iss.net/xforce/xfdb/10868", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5849", }, { trust: 0.3, url: "http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml", }, { trust: 0.3, url: "/archive/1/305241", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/119.html", }, { trust: 0.1, url: "https://www.rapid7.com/db/vulnerabilities/cisco-sshredder-dos", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/pbr94/putty-", }, { trust: 0.1, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.", }, { trust: 0.1, url: "http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-", }, { trust: 0.1, url: "http://www.cert.org/", }, { trust: 0.1, url: "http://www.cert.org/cert_pgp.key", }, { trust: 0.1, url: "https://www.pragmasys.com", }, ], sources: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5742", }, { db: "VULMON", id: "CVE-2002-1357", }, { db: "BID", id: "6405", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000322", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-040", }, { db: "NVD", id: "CVE-2002-1357", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#389665", }, { db: "VULHUB", id: "VHN-5742", }, { db: "VULMON", id: "CVE-2002-1357", }, { db: "BID", id: "6405", }, { db: "BID", id: "6397", }, { db: "JVNDB", id: "JVNDB-2002-000322", }, { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-040", }, { db: "NVD", id: "CVE-2002-1357", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2002-12-16T00:00:00", db: "CERT/CC", id: "VU#389665", }, { date: "2002-12-23T00:00:00", db: "VULHUB", id: "VHN-5742", }, { date: "2002-12-23T00:00:00", db: "VULMON", id: "CVE-2002-1357", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6405", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6397", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2002-000322", }, { date: "2002-12-21T10:23:09", db: "PACKETSTORM", id: "30625", }, { date: "2002-12-23T00:00:00", db: "CNNVD", id: "CNNVD-200212-040", }, { date: "2002-12-23T05:00:00", db: "NVD", id: "CVE-2002-1357", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2003-06-18T00:00:00", db: "CERT/CC", id: "VU#389665", }, { date: "2017-10-11T00:00:00", db: "VULHUB", id: "VHN-5742", }, { date: "2017-10-11T00:00:00", db: "VULMON", id: "CVE-2002-1357", }, { date: "2006-05-16T22:04:00", db: "BID", id: "6405", }, { date: "2002-12-16T00:00:00", db: "BID", id: "6397", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2002-000322", }, { date: "2009-03-04T00:00:00", db: "CNNVD", id: "CNNVD-200212-040", }, { date: "2024-11-20T23:41:06.703000", db: "NVD", id: "CVE-2002-1357", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "30625", }, { db: "CNNVD", id: "CNNVD-200212-040", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization", sources: [ { db: "CERT/CC", id: "VU#389665", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Unknown", sources: [ { db: "BID", id: "6405", }, { db: "BID", id: "6397", }, ], trust: 0.6, }, }