Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-4207

Published: 19/08/2013 Updated: 06/08/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Putty

Vulnerability Summary

Buffer overflow in sshbn.c in PuTTY prior to 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

putty putty 0.57

putty putty 0.56

putty putty 0.55

putty putty 0.54

putty putty 0.53b

simon tatham putty

putty putty 0.49

putty putty 0.48

putty putty 0.47

putty putty 0.46

putty putty 0.60

putty putty 0.58

putty putty 0.52

putty putty 0.50

putty putty 0.45

putty putty 0.61

putty putty 0.59

simon tatham putty 0.53

putty putty 0.51

putty putty 2010-06-01

Vendor Advisories

Debian CVElist Bug Report Logs: filezilla: CVE-2013-4206 CVE-2013-4207 CVE-2013-4208
Debian Bug report logs - #719070 filezilla: CVE-2013-4206 CVE-2013-4207 CVE-2013-4208 Package: filezilla; Maintainer for filezilla is Adrien Cunin <adri2000@ubuntucom>; Source for filezilla is src:filezilla (PTS, buildd, popcon) Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 8 Aug 2013 08:39:02 UT ...
Debian CVElist Bug Report Logs: putty: CVE-2013-4852
Debian Bug report logs - #718779 putty: CVE-2013-4852 Package: putty; Maintainer for putty is Colin Watson <cjwatson@debianorg>; Source for putty is src:putty (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Mon, 5 Aug 2013 11:03:02 UTC Severity: grave Tags: security Fixed in versions ...
Debian Security Advisories: DSA-2736-1 putty -- several vulnerabilities
Several vulnerabilities where discovered in PuTTY, a Telnet/SSH client for X The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4206 Mark Wooding discovered a heap-corrupting buffer underrun bug in the modmul function which performs modular multiplication As the modmul function is called duri ...

References

CWE-119http://secunia.com/advisories/54379http://www.debian.org/security/2013/dsa-2736http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.htmlhttp://www.openwall.com/lists/oss-security/2013/08/06/11http://lists.opensuse.org/opensuse-updates/2013-08/msg00035.htmlhttp://secunia.com/advisories/54533https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070https://www.debian.org/security/./dsa-2736
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377CVE-2024-20859CVE-2023-49606injectarbitrary CVE-2024-33788CVE-2024-30973IDORCVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook