Re: Bugtraq post on putty "proof of concept"
From: Neil W Rickert (rickert+nn@cs.niu.edu)
Date: 12/30/02
- Next message: Erin Michaud: "Re: hostbased auth between commercial and OpenSSH"
- Previous message: NOSPAM@sonic.net: "Bugtraq post on putty "proof of concept""
- In reply to: NOSPAM@sonic.net: "Bugtraq post on putty "proof of concept""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Neil W Rickert <rickert+nn@cs.niu.edu> Date: 30 Dec 2002 02:10:19 GMT
<NOSPAM@sonic.net> writes:
>I see:(Dec. 28, 2002)
>http://online.securityfocus.com/archive/1/304609/2002-12-27/2003-01-02/
>and: (Dec. 17, 2002)
>http://online.securityfocus.com/archive/1/303724
>and (Dec 16, 2002)
>http://online.securityfocus.com/archive/1/303537
>The latest putty (beta v0.53b) was released Dec. 12, 2002.
>Upon inspecting the Changes
>( http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html )
>I see general notes of security fixes in 0.53 and 0.53b, but nothing explicit.
>Do either, neither or both of these have fixes against the reported bug in
>ssh2 implementation?
The original announcement of the problem stated:
3. Vendor status and information
... (information on other vendors deleted)
PuTTY
http://www.chiark.greenend.org.uk/~sgtatham/putty/
Vendor has been notified. The fixed version is PuTTY v0.53b,
which was released on November 12, 2002.
- Next message: Erin Michaud: "Re: hostbased auth between commercial and OpenSSH"
- Previous message: NOSPAM@sonic.net: "Bugtraq post on putty "proof of concept""
- In reply to: NOSPAM@sonic.net: "Bugtraq post on putty "proof of concept""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
