Joined: 12 May 2004
|Posted: Wed Aug 21, 2013 12:26 pm Post subject: [ GLSA 201308-01 ] PuTTY: Multiple Vulnerabilities
|Gentoo Linux Security Advisory
Title: PuTTY: Multiple Vulnerabilities (GLSA 201308-01)
Exploitable: local, remote
Date: August 21, 2013
Bug(s): #394429, #479872
Multiple vulnerabilities have been found in Putty, allowing
attackers to compromise user system
PuTTY is a telnet and SSH client.
Vulnerable: < 0.63
Unaffected: >= 0.63
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in PuTTY. Please review
the CVE identifiers referenced below for details.
An attacker could entice a user to open connection to specially crafted
SSH server, possibly resulting in execution of arbitrary code with the
privileges of the process or obtain sensitive information.
There is no known workaround at this time.
All PuTTY users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/putty-0.63"
Last edited by GLSA on Sun Feb 22, 2015 4:31 am; edited 3 times in total