Date: Mon, 16 Aug 2004 15:52:32 -0700 (PDT) From: stheg olloydson <stheg_olloydson@yahoo.com> To: questions@freebsd.org Cc: jayobrien@att.net Subject: [OT] Security hole in PuTTY (Windows ssh client) Message-ID: <20040816225232.20224.qmail@web61302.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hello, Sorry for the completely OT post, but I saw two mentions of PuTTY in one day on the list and assume it must be a popular piece of Windows software. The SANS Institute "@Risk" newsletter dated 8AUG04 contains the following item regarding PuTTY: 04.31.4 CVE: Not Available Platform: Third Party Windows Apps Title: PuTTY Remote Buffer Overflow Description: PuTTY is a free Telnet and SSH client. It has been reported that PuTTY is subject to a pre-authentication buffer overflow that can allow malicious servers to execute code on a client machine as it attempts to negotiate connection. PuTTY 0.54 and previous versions are vulnerable. Ref: http://www.coresecurity.com/common/showdoc.php?idx=417&idxseccion=10 Again, sorry for the OT post, but it seems (at least) very marginally relevant to some. We now return you regularly scheduled program of FBSD.... Regards, Stheg __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040816225232.20224.qmail>