Vulnerabilities (CVE)

Vendor filter

Simon Tatham Subscribe

Filter

3 total CVE
CVE Vendors Products Updated CVSS
CVE-2015-2157 6 Debian, Simon Tatham, Fedoraproject and 3 more 6 Debian Linux, Putty, Fedora and 3 more 2019-03-21 2.1
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.
CVE-2011-4607 2 Simon Tatham, Putty 2 Putty, Putty 2019-03-21 2.1
PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.
CVE-2013-4208 2 Simon Tatham, Putty 2 Putty, Putty 2019-03-21 2.1
The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.