Saturday, December 2, 2023

PuTTY 0.71 Released – SSH Client Updated To Fix a Large Number of Security Vulnerabilities

The free and open-source SSH client updated with the fix for a number of Security Vulnerabilities including the one in RSA key exchange and the latest version is PuTTY 0.71.

PuTTY is an SSH and telnet client for the Windows platform. PuTTY is an open source Project that is available with source code and is developed and supported by a group of volunteers.

PuTTY is one of the most widely used SSH clients to Cloud server, Networking devices, and Virtual private servers. It remains as a standard tool to connect with remote devices for a number of years.

The latest release of PuTTY 0.71 includes fixes for a number of security vulnerabilities.

DSA signature check bypass

The bug affects development snapshot versions dated 2019, before 2019-02-11 of PuTTY and the release versions not impacted with the bug. The vulnerability allows an attacker to steal SSH sessions through man-in-the-middle attacks.

Integer overflow

All the version’s up to 0.70 PuTTY’ RSA key exchange failed to enforce the RSA keys specified in RFC 4432 sent by the server, starting from PuTTY 0.71, now enforces the minimum key lengths specified in RFC 4432.

Potential Malicious code execution

With Version 0.70 and below, if you launch help then it looks for the putty.chm file, if somebody inserted malicious codes with the file then it executed, this is because HTML Help files (.chm) can arrange in turn to run code of their choice.

With Version 0.71 the CHM is protected against malicious modification by the Authenticode signature.

Buffer Overflow in Unix PuTTY

Up to and including version 0.70, the Unix PuTTY tools used select(2) to watch their collections of active Unix file descriptors for activity. As of 0.71, all the Unix PuTTY tools have switched to monitoring file descriptors using poll(2), which does not have this API bug.

Authentication Prompts

Up to and including version 0.70, the PuTTY tools had no way to indicate whether a piece of terminal output was a genuine user-authentication prompt, starting from version 0.71, the data that was legitimately emitted by the local PuTTY during SSH connection setup is marked with what our code describes as a ‘trust sigil’.

Cryptographic Random Numbers

Up to version 0.70 cryptographic random number generator could occasionally use the same batch of random bytes twice, with that entire random number generator has been completely replaced with a freshly written one based on Schneier and Ferguson’s algorithm.

DoS if Many Unicode

Up to version 0.70, PuTTY’s terminal emulator supports remembering an unlimited number of combining characters in each character cell of the terminal. With 0.71, this is fixed by limiting each character cell to at most 32 combining characters.

DoS by Terminal output

With version 0.70 and below the GTK front end to PuTTY’s terminal emulator would fail an assertion in a corner case, starting from 0.71, this assertion failure is fixed. PuTTY will cleanly handle this case.

DoS by Terminal output CJK

Up to version 0.70, PuTTY’s terminal emulator would fail an assertion if the terminal is exactly one column wide and the terminal output stream tries to print a width-2 character. With 0.71, this assertion failure is fixed.

Users are recommended to PuTTY 0.71 that covers all the bugs, Latest version of PuTTY can be downloaded from here.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Ghidra – Free Reverse Engineering Tool Released by NSA

Wireshark 3.0.0 Released With Support for Npcap Packet Capturing Library


Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles