The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of PuTTY: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PuTTY.
Severity of this weakness: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 30/09/2019.
Références of this bulletin: CVE-2019-17067, CVE-2019-17068, CVE-2019-17069, openSUSE-SU-2019:2276-1, openSUSE-SU-2019:2277-1, openSUSE-SU-2019:2292-1, VIGILANCE-VUL-30474.

Description of the vulnerability

An attacker can use several vulnerabilities of PuTTY.
Full Vigil@nce bulletin... (Free trial)

This security announce impacts software or systems such as openSUSE Leap, PuTTY, SLES, WinSCP.

Our Vigil@nce team determined that the severity of this threat is medium.

The trust level is of type confirmed by the editor, with an origin of document.

This bulletin is about 3 vulnerabilities.

An attacker with a expert ability can exploit this computer vulnerability announce.

Solutions for this threat

PuTTY: version 0.73.
The version 0.73 is fixed:
  https://www.chiark.greenend.org.uk/~sgtatham/putty/releases/0.73.html

openSUSE Leap 15: new putty packages.
New packages are available:
  openSUSE Leap 15.0: putty 0.73-lp150.18.1
  openSUSE Leap 15.1: putty 0.73-lp151.3.6.1
  SUSE LE 15 RTM: putty 0.73-bp150.4.12.1
  SUSE LE 15 SP1: putty 0.73-bp151.4.6.1

WinSCP: version 5.15.5.
The version 5.15.5 is fixed:
  https://winscp.net/eng/download.php
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a network vulnerability announce. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.