Published: 21/05/2021 Updated: 27/05/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

PuTTY prior to 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons.

Vulnerable Product	Search on Vulmon	Subscribe to Product
putty putty

PuTTY before 075 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons ...

CSCM28 Coursework 2 (CVE-2021-33500) Students Bashiru Salami (2140326) Kin Ip Mong (2143876) Description PuTTY is an open source tool for SSH and Telnet on different platforms CVE-2021-33500 introduces a remote denial of service attack on Windows GUI using PuTTY version 074 or below The attack is based on changing the title of PuTTY window rapidly, which creates a lot of S

NVD-CWE-noinfo https://docs.ssh-mitm.at/puttydos.html https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://github.com/ssh-mitm/ssh-mitm-plugins/blob/main/ssh_mitm_plugins/ssh/putty_dos.py https://nvd.nist.gov https://github.com/bashexyz/Putty-Hack https://security.archlinux.org/CVE-2021-33500

CVE-2021-33500

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect