CVE-2013-4206
19.08.2013, 23:55
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.Enginsight
| Vendor | Product | Version |
|---|---|---|
| putty | putty | 0.45 |
| putty | putty | 0.46 |
| putty | putty | 0.47 |
| putty | putty | 0.48 |
| putty | putty | 0.49 |
| putty | putty | 0.50 |
| putty | putty | 0.51 |
| putty | putty | 0.52 |
| putty | putty | 0.53b:b |
| putty | putty | 0.54 |
| putty | putty | 0.55 |
| putty | putty | 0.56 |
| putty | putty | 0.57 |
| putty | putty | 0.58 |
| putty | putty | 0.59 |
| putty | putty | 0.60 |
| putty | putty | 0.61 |
| simon_tatham | putty | 𝑥 ≤ 0.62 |
| simon_tatham | putty | 0.53 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| filezilla |
| ||||||||||||||||
| putty |
|
Ubuntu Releases
Common Weakness Enumeration
References