Vulnerabilities > CVE-2015-2157 - Information Exposure vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| OS | 2 | |
| OS | 2 | |
| Application | 13 | |
| Application | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Subverting Environment Variable Values The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
- Footprinting An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
- Exploiting Trust in Client (aka Make the Client Invisible) An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
- Browser Fingerprinting An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
- Session Credential Falsification through Prediction This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DLA-173.NASL description MATTA-2015-002 Florent Daigniere discovered that PuTTY did not enforce an acceptable range for the Diffie-Hellman server value, as required by RFC 4253, potentially allowing an eavesdroppable connection to be established in the event of a server weakness. #779488 CVE-2015-2157 Patrick Coleman discovered that PuTTY did not clear SSH-2 private key information from memory when loading and saving key files, which could result in disclosure of private key material. -- Colin Watson [[email protected]] NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2015-03-26 plugin id 82158 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82158 title Debian DLA-173-1 : putty security update code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DLA-173-1. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(82158); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2015-2157"); script_bugtraq_id(72825); script_name(english:"Debian DLA-173-1 : putty security update"); script_summary(english:"Checks dpkg output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security update." ); script_set_attribute( attribute:"description", value: "MATTA-2015-002 Florent Daigniere discovered that PuTTY did not enforce an acceptable range for the Diffie-Hellman server value, as required by RFC 4253, potentially allowing an eavesdroppable connection to be established in the event of a server weakness. #779488 CVE-2015-2157 Patrick Coleman discovered that PuTTY did not clear SSH-2 private key information from memory when loading and saving key files, which could result in disclosure of private key material. -- Colin Watson [[email protected]] NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2015/03/msg00010.html" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze-lts/putty" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:pterm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:putty"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:putty-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:putty-tools"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2015/03/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/26"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"pterm", reference:"0.60+2010-02-20-1+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"putty", reference:"0.60+2010-02-20-1+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"putty-doc", reference:"0.60+2010-02-20-1+squeeze3")) flag++; if (deb_check(release:"6.0", prefix:"putty-tools", reference:"0.60+2010-02-20-1+squeeze3")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:deb_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Fedora Local Security Checks NASL id FEDORA_2015-3204.NASL description Fixed an issue when private keys weren last seen 2020-06-05 modified 2015-03-17 plugin id 81854 published 2015-03-17 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81854 title Fedora 20 : putty-0.64-1.fc20 (2015-3204) NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-218.NASL description The SSH Terminal emulator putty was updated to the new upstream release 0.64, fixing security issues and bugs : Security fix: PuTTY no longer retains the private half of users last seen 2020-06-05 modified 2015-03-12 plugin id 81762 published 2015-03-12 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81762 title openSUSE Security Update : putty (openSUSE-2015-218) NASL family Fedora Local Security Checks NASL id FEDORA_2015-3160.NASL description Fixed an issue when private keys weren last seen 2020-06-05 modified 2015-03-17 plugin id 81853 published 2015-03-17 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81853 title Fedora 21 : putty-0.64-1.fc21 (2015-3160) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3190.NASL description Patrick Coleman discovered that the Putty SSH client failed to wipe out unused sensitive memory. In addition Florent Daigniere discovered that exponential values in Diffie Hellman exchanges were insufficienty restricted. last seen 2020-03-17 modified 2015-03-17 plugin id 81834 published 2015-03-17 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81834 title Debian DSA-3190-1 : putty - security update NASL family Fedora Local Security Checks NASL id FEDORA_2015-3070.NASL description Fixed an issue when private keys weren last seen 2020-06-05 modified 2015-03-17 plugin id 81849 published 2015-03-17 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81849 title Fedora 22 : putty-0.64-1.fc22 (2015-3070) NASL family Windows NASL id PUTTY_064.NASL description The remote host has a version of PuTTY installed that is prior to 0.64. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to a failure to clear SSH-2 private key information from the memory during the saving or loading of key files to disk. A local attacker can exploit this to disclose potentially sensitive information. (CVE-2015-2157) - An information disclose vulnerability exists in the Diffie-Hellman Key Exchange due to a failure to properly handle 0 value keys sent by the server. A man-in-the-middle attacker can exploit this to disclose potentially sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 81669 published 2015-03-06 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81669 title PuTTY < 0.64 Multiple Information Disclosure Vulnerabilities NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_92FC2E2BC38311E48EF7080027EF73EC.NASL description Simon Tatham reports : When PuTTY has sensitive data in memory and has no further need for it, it should wipe the data out of its memory, in case malware later gains access to the PuTTY process or the memory is swapped out to disk or written into a crash dump file. An obvious example of this is the password typed during SSH login; other examples include obsolete session keys, public-key passphrases, and the private halves of public keys. PuTTY 0.63 and earlier versions, after loading a private key from a disk file, mistakenly leak a memory buffer containing a copy of the private key, in the function ssh2_load_userkey. The companion function ssh2_save_userkey (only called by PuTTYgen) can also leak a copy, but only in the case where the file it tried to save to could not be created. last seen 2020-06-01 modified 2020-06-02 plugin id 81659 published 2015-03-06 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81659 title FreeBSD : PuTTY -- fails to scrub private keys from memory after use (92fc2e2b-c383-11e4-8ef7-080027ef73ec)
References
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151790.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151839.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151933.html
- http://lists.opensuse.org/opensuse-updates/2015-03/msg00032.html
- http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
- http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html
- http://www.debian.org/security/2015/dsa-3190
- http://www.openwall.com/lists/oss-security/2015/02/28/4
- http://www.openwall.com/lists/oss-security/2015/02/28/5
- http://www.securityfocus.com/bid/72825