National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

There are 2 matching records.
Vuln ID Summary CVSS Severity

The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.

Published: March 27, 2017; 01:59:00 PM -04:00
V2: 7.5 HIGH

PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.

Published: March 07, 2007; 04:19:00 PM -05:00
V2: 1.9 LOW