Published: 23/08/2013 Updated: 21/03/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

PuTTY 0.59 up to and including 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
putty putty 0.61
putty putty 0.60
putty putty 0.59

Debian Bug report logs - #718779 putty: CVE-2013-4852 Package: putty; Maintainer for putty is Colin Watson <cjwatson@debianorg>; Source for putty is src:putty (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Mon, 5 Aug 2013 11:03:02 UTC Severity: grave Tags: security Fixed in versions ...

Several vulnerabilities where discovered in PuTTY, a Telnet/SSH client for X The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4206 Mark Wooding discovered a heap-corrupting buffer underrun bug in the modmul function which performs modular multiplication As the modmul function is called duri ...

CWE-119 http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html http://seclists.org/oss-sec/2011/q4/500 http://seclists.org/oss-sec/2011/q4/499 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779 https://nvd.nist.gov https://www.debian.org/security/./dsa-2736

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-4607

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect