Release date:
Updated on:
Affected Systems:
Simon Tatham PuTTY 0.52-0.63
Description:
--------------------------------------------------------------------------------
Bugtraq id: 61649
CVE (CAN) ID: CVE-2013-4207
PuTTY is an implementation of PuTTYTelnet and SSH on Windows and Unix platforms, with an xterm terminal simulator.
PuTTY 0.52-0.63 A buffer overflow vulnerability exists in mod-inverse computing that verifies the DSA Signature. attackers can use this vulnerability to launch DoS attacks or even execute arbitrary code.
<* Source: vendor
Link: http://seclists.org/oss-sec/2013/q3/291
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Simon Tatham
------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.chiark.greenend.org.uk /~ Sgtatham/putty/