PuTTY 0.68 up to and including 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle malicious users to target initial connection attempts (where no host key for the server has been cached by the client).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
putty putty |
||
netapp oncommand unified manager core package - |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |