漏洞类别:Local
漏洞等级: 
漏洞信息
PuTTY is a client program for the SSH, Telnet and Rlogin network protocols. It is integrated in multiple applications on multiple operating systems for providing SSH, Telnet and Rlogin protocol support.
A heap-corrupting integer overflow vulnerability exists in the ssh_agent_channel_data function, which processes messages sent by remote SSH clients to a forwarded agent connection.
Affected Version:
PuTTY before 0.68
漏洞危害
Successful exploitation could allow remote attackers to have unspecified impact via a large length value in an agent protocol message.
解决方案
Customers are advised to upgrade to PuTTY 0.68 or later version in order to remediate this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论