The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of PuTTY

weakness 29851

PuTTY: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PuTTY.
Severity: 2/4.
Creation date: 22/07/2019.
Identifiers: openSUSE-SU-2019:1985-1, openSUSE-SU-2019:2017-1, VIGILANCE-VUL-29851.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of PuTTY.
Full Vigil@nce bulletin... (Free trial)

weakness bulletin CVE-2019-6110

OpenSSH scp, PuTTY PSCP: spoofing via Scp Client ANSI Codes stderr File Hidding

Synthesis of the vulnerability

An attacker can spoof displayed filenames on the scp client of OpenSSH and PuTTY, in order to deceive the victim.
Severity: 1/4.
Creation date: 14/01/2019.
Identifiers: bulletinjan2019, CVE-2019-6110, ibm10731015, openSUSE-SU-2019:0091-1, openSUSE-SU-2019:0093-1, SUSE-SU-2019:0125-1, SUSE-SU-2019:0126-1, SUSE-SU-2019:0132-1, SUSE-SU-2019:13931-1, VIGILANCE-VUL-28262.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can spoof displayed filenames on the scp client of OpenSSH and PuTTY, in order to deceive the victim.
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2019-6109

OpenSSH scp, PuTTY PSCP: spoofing via Scp Client ANSI Codes File Hidding

Synthesis of the vulnerability

An attacker can spoof displayed filenames on the scp client of OpenSSH and PuTTY, in order to deceive the victim.
Severity: 1/4.
Creation date: 14/01/2019.
Identifiers: bulletinjan2019, CVE-2019-6109, DLA-1728-1, DSA-2019-117, DSA-4387-1, DSA-4387-2, FEDORA-2019-0f4190cdb0, ibm10731015, openSUSE-SU-2019:0091-1, openSUSE-SU-2019:0093-1, openSUSE-SU-2019:0307-1, openSUSE-SU-2019:1602-1, RHSA-2019:3702-01, SUSE-SU-2019:0125-1, SUSE-SU-2019:0126-1, SUSE-SU-2019:0132-1, SUSE-SU-2019:0496-1, SUSE-SU-2019:0941-1, SUSE-SU-2019:13931-1, SUSE-SU-2019:14016-1, SUSE-SU-2019:14030-1, SUSE-SU-2019:1524-1, USN-3885-1, USN-3885-2, VIGILANCE-VUL-28261.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can spoof displayed filenames on the scp client of OpenSSH and PuTTY, in order to deceive the victim.
Full Vigil@nce bulletin... (Free trial)

cybersecurity announce 23186

PuTTY: code execution via CRYPTBASE.DLL

Synthesis of the vulnerability

An attacker can use a vulnerability via CRYPTBASE.DLL of PuTTY, in order to run code.
Severity: 2/4.
Creation date: 10/07/2017.
Identifiers: VIGILANCE-VUL-23186.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use a vulnerability via CRYPTBASE.DLL of PuTTY, in order to run code.
Full Vigil@nce bulletin... (Free trial)

weakness announce 22616

PuTTY: code execution via détournement de DLL

Synthesis of the vulnerability

An attacker can make Putty run arbitrary machine code from a DLL located in the PuTTY folder.
Severity: 2/4.
Creation date: 02/05/2017.
Identifiers: VIGILANCE-VUL-22616.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The vulnerabilities in DLL management described in the bulletins VIGILANCE-VUL-19558 and VIGILANCE-VUL-21958 have not been fully fixed.

A local attacker can therefore make Putty run arbitrary machine code from a DLL located in the PuTTY folder.
Full Vigil@nce bulletin... (Free trial)

security vulnerability CVE-2016-6167 CVE-2017-6542

PuTTY: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PuTTY.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 24/02/2017.
Revision date: 22/03/2017.
Identifiers: CVE-2016-6167, CVE-2017-6542, FEDORA-2017-efdd962fee, openSUSE-SU-2017:0741-1, VIGILANCE-VUL-21958.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in PuTTY.

An attacker can generate an integer overflow via ssh_agent_channel_data(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6542]

An attacker can create a malicious DLL, and then put it in the current directory, in order to execute code. [severity:2/4; CVE-2016-6167]
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2016-2542

Flexera InstallShield, JRSoft Inno Setup: code execution via DLL-planting

Synthesis of the vulnerability

An attacker can create a malicious DLL for Flexera InstallShield or JRSoft Inno Setup, in order to run code with administrator privileges.
Severity: 3/4.
Creation date: 09/05/2016.
Revisions dates: 02/06/2016, 06/07/2016.
Identifiers: 1610582, 1978168, 1978363, 1979808, 1980839, 1982467, 1982741, 1982809, 1983796, 1983797, 1983813, 1983814, 1983815, 1984184, 1984743, 1984863, 494999, CVE-2016-2542, ESA-2017-008, FG-IR-16-046, VIGILANCE-VUL-19558.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The products Flexera InstallShield and JRSoft Inno Setup are used to create installation program for software packages.

In some cases, the generated programs load extension modules the name and possible locations depend on the considered package. However, in some cases, the installer looks for these extension DLL in folders which are writeable by unprivileged users, while the installation program that loads and run this DLL is expected to be run by an administrator. A typical case of this is the download folder of a browser. One should note that these installers are expected to be run only a few times, so possibilities of exploit attempts are rare.

This bug has also been reported for other products in the bulletin VIGILANCE-VUL-18671.

An attacker can therefore create a malicious DLL for Flexera InstallShield or JRSoft Inno Setup, in order to run code with administrator privileges.
Full Vigil@nce bulletin... (Free trial)

cybersecurity alert CVE-2016-2563

PuTTY: buffer overflow of SCP

Synthesis of the vulnerability

An attacker, who corrupts a SCP server already known by PuTTY, can generate a buffer overflow in the PSCP client, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 07/03/2016.
Identifiers: CVE-2016-2563, FEDORA-2016-96379cb8d1, FEDORA-2016-c71532c5e2, openSUSE-SU-2016:1453-1, VIGILANCE-VUL-19112.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The PuTTY client implements the SCP protocol, which is used to copy files.

However, if a malicious SCP server returns a large SCP-SINK File-Size reply, an overflow occurs.

It can be noted this overflow occurs after the host key verification.

An attacker, who corrupts a SCP server already known by PuTTY, can therefore generate a buffer overflow in the PSCP client, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

cybersecurity note 18671

Windows: code execution during application installation

Synthesis of the vulnerability

An attacker can invite the victim to download malicious libraries on Windows, in order to run code during the installation of an application requiring these DLL.
Severity: 2/4.
Creation date: 11/01/2016.
Identifiers: sk110055, VIGILANCE-VUL-18671.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

When a user installs a new application on Windows, he downloads the installation program (install.exe for example), and then runs it.

However, several installation programs load DLL (for example graph.dll) from the current directory. So, if an attacker invited the victim to download a malicious graph.dll file, before he runs install.exe from the Download directory, the code located in the DLL is run.

See also the bulletin VIGILANCE-VUL-19558 for other impacted products.

An attacker can therefore invite the victim to download malicious libraries on Windows, in order to run code during the installation of an application requiring these DLL.
Full Vigil@nce bulletin... (Free trial)

computer weakness bulletin CVE-2015-5309

PuTTY: integer overflow of ECH

Synthesis of the vulnerability

An attacker, who owns a malicious SSH server, can invite the victim to connect with Putty, to generate an integer overflow with ECH, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 09/11/2015.
Identifiers: CERTFR-2015-AVI-540, CVE-2015-5309, DSA-3409-1, FEDORA-2015-3d17682c15, FEDORA-2015-5ad4a1f151, openSUSE-SU-2015:2023-1, VIGILANCE-VUL-18265.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The PuTTY product emulates a Unix terminal.

This terminal supports ANSI escape sequences. The ECH (erase characters, "ESC [ n X") sequence deletes several characters. However, if the number of characters is too large, an integer overflows, and Putty alters data located outside the current buffer.

An attacker, who owns a malicious SSH server, can therefore invite the victim to connect with Putty, to generate an integer overflow with ECH, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about PuTTY: