Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
putty vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2004-1008
Integer signedness error in the ssh2_rdpkt function in PuTTY prior to 0.56 allows remote malicious users to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.
Putty Putty 0.49
Putty Putty 0.50
Putty Putty 0.51
Putty Putty 0.53b
Putty Putty 0.54
Putty Putty 0.52
Putty Putty 0.53
Putty Putty 0.48
Putty Putty 0.55
Tortoisecvs Tortoisecvs 1.8
10
CVSSv2
CVE-2002-1358
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
Cisco Ios 12.0s
Cisco Ios 12.0st
Cisco Ios 12.1t
Cisco Ios 12.2
Cisco Ios 12.2s
Cisco Ios 12.1e
Cisco Ios 12.1ea
Cisco Ios 12.2t
Fissh Ssh Client 1.0a For Windows
Intersoft Securenetterm 5.4.1
Putty Putty 0.48
Putty Putty 0.49
Netcomposite Shellguard Ssh 3.4.6
Pragma Systems Secureshell 2.0
Putty Putty 0.53
Winscp Winscp 2.0.0
10
CVSSv2
CVE-2002-1359
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
Cisco Ios 12.2s
Cisco Ios 12.2t
Cisco Ios 12.1e
Cisco Ios 12.1ea
Cisco Ios 12.0s
Cisco Ios 12.0st
Cisco Ios 12.1t
Cisco Ios 12.2
Putty Putty 0.53
Winscp Winscp 2.0.0
Netcomposite Shellguard Ssh 3.4.6
Pragma Systems Secureshell 2.0
Fissh Ssh Client 1.0a For Windows
Intersoft Securenetterm 5.4.1
Putty Putty 0.48
Putty Putty 0.49
2 EDB exploits
10
CVSSv2
CVE-2002-1360
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote malicious users to cause a denial of service or possibly execute arbitrary code due to interactions with t...
Cisco Ios 12.1t
Cisco Ios 12.2
Cisco Ios 12.0s
Cisco Ios 12.0st
Cisco Ios 12.2s
Cisco Ios 12.2t
Cisco Ios 12.1e
Cisco Ios 12.1ea
Pragma Systems Secureshell 2.0
Putty Putty 0.48
Fissh Ssh Client 1.0a For Windows
Putty Putty 0.49
Putty Putty 0.53
Winscp Winscp 2.0.0
Intersoft Securenetterm 5.4.1
Netcomposite Shellguard Ssh 3.4.6
10
CVSSv2
CVE-2002-1357
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
Cisco Ios 12.1ea
Cisco Ios 12.1t
Cisco Ios 12.2t
Cisco Ios 12.2
Cisco Ios 12.2s
Cisco Ios 12.0s
Cisco Ios 12.0st
Cisco Ios 12.1e
Netcomposite Shellguard Ssh 3.4.6
Pragma Systems Secureshell 2.0
Putty Putty 0.53
Winscp Winscp 2.0.0
Putty Putty 0.48
Putty Putty 0.49
Fissh Ssh Client 1.0a For Windows
Intersoft Securenetterm 5.4.1
7.5
CVSSv2
CVE-2019-17067
PuTTY prior to 0.73 on Windows improperly opens port-forwarding listening sockets, which allows malicious users to listen on the same port to steal an incoming connection.
Putty Putty
7.5
CVSSv2
CVE-2019-9895
In PuTTY versions prior to 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
7.5
CVSSv2
CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY prior to 0.71.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Netapp Oncommand Unified Manager -
7.5
CVSSv2
CVE-2017-6542
The ssh_agent_channel_data function in PuTTY prior to 0.68 allows remote malicious users to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, w...
Putty Putty
Opensuse Project Leap 42.1
Opensuse Leap 42.2
1 EDB exploit
7.5
CVSSv2
CVE-2016-2563
Stack-based buffer overflow in the SCP command-line utility in PuTTY prior to 0.67 and KiTTY 0.66.6.3 and previous versions allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP d...
9bis Kitty
Simon Tatham Putty
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »