OT: security hole fixed in PuTTY (SSH)

From: anon (anon_at_anonn.com)
Date: 08/09/04 

Date: 9 Aug 2004 00:49:55 GMT

>From the official website:

Latest news

   2004-08-03 SECURITY HOLE, fixed in PuTTY 0.55

   PuTTY 0.55, released today, fixes a serious security hole which may
   allow a server to execute code of its choice on a PuTTY client
   connecting to it. In SSH2, the attack can be performed before host key
   verification, meaning that even if you trust the server you think you
   are connecting to, a different machine could be impersonating it and
   could launch the attack before you could tell the difference. We
   recommend everybody upgrade to 0.55 as soon as possible.

Relevant Pages

  • Re: sshd port forward
    ... Erik Norgaard wrote: ... >> I'm connecting from a windows box, using putty. ... >> that has the dovecot server installed. ...
    (freebsd-questions)
  • Troubles With PuTTY And SCO 3.2 Server
    ... The SCO server is reporting SSH-1.5-1.2.27 and we are connecting using ... protocol version 1. ... and it seems that it doesn't reach the server. ... I can happily get a working connection using plink.exe instead of PuTTY, ...
    (comp.security.ssh)
  • Re: Putty SSH to Linux server
    ... > Connecting to the server using ssh on putty, users log in fine but once ... > Using Secure CRT, the num pad works fine in the menu system. ...
    (comp.os.vms)
  • PuTTY SSH client vulnerability
    ... PuTTY 0.56, released today, fixes a serious security hole which can ... meaning that even if you trust the server you think you ... could launch the attack before you could tell the difference. ...
    (Bugtraq)
  • Re: sshd port forward
    ... > I'm connecting from a windows box, using putty. ... > that has the dovecot server installed. ... You should then be able to connect to your imap server by connecting to ...
    (freebsd-questions)
Quantcast