Vulnerabilities > CVE-2004-1440 - Unspecified vulnerability in Putty
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN putty
nessus
Summary
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, and (2) remote malicious servers to cause a denial of service (client crash) and possibly execute arbitrary code via a large bignum during authentication.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200408-04.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200408-04 (PuTTY: Pre-authentication arbitrary code execution) PuTTY contains a vulnerability allowing a malicious server to execute arbitrary code on the connecting client before host key verification. Impact : When connecting to a server using the SSH2 protocol an attacker is able to execute arbitrary code with the permissions of the user running PuTTY by sending specially crafted packets to the client during the authentication process but before host key verification. Workaround : There is no known workaround at this time. All users are encouraged to upgrade to the latest available version of PuTTY. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 14560 |
published | 2004-08-30 |
reporter | This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/14560 |
title | GLSA-200408-04 : PuTTY: Pre-authentication arbitrary code execution |
code |
|
References
- http://marc.info/?l=bugtraq&m=109167869528138&w=2
- http://marc.info/?l=bugtraq&m=109167869528138&w=2
- http://secunia.com/advisories/12212/
- http://secunia.com/advisories/12212/
- http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
- http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
- http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html
- http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modpow.html
- http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml
- http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml
- http://www.securityfocus.com/bid/10850
- http://www.securityfocus.com/bid/10850
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16885
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16885