Thursday, March 28, 2024

PuTTY 0.71 Released – SSH Client Updated To Fix a Large Number of Security Vulnerabilities

The free and open-source SSH client updated with the fix for a number of Security Vulnerabilities including the one in RSA key exchange and the latest version is PuTTY 0.71.

PuTTY is an SSH and telnet client for the Windows platform. PuTTY is an open source Project that is available with source code and is developed and supported by a group of volunteers.

PuTTY is one of the most widely used SSH clients to Cloud server, Networking devices, and Virtual private servers. It remains as a standard tool to connect with remote devices for a number of years.

The latest release of PuTTY 0.71 includes fixes for a number of security vulnerabilities.

DSA signature check bypass

The bug affects development snapshot versions dated 2019, before 2019-02-11 of PuTTY and the release versions not impacted with the bug. The vulnerability allows an attacker to steal SSH sessions through man-in-the-middle attacks.

Integer overflow

All the version’s up to 0.70 PuTTY’ RSA key exchange failed to enforce the RSA keys specified in RFC 4432 sent by the server, starting from PuTTY 0.71, now enforces the minimum key lengths specified in RFC 4432.

Potential Malicious code execution

With Version 0.70 and below, if you launch help then it looks for the putty.chm file, if somebody inserted malicious codes with the file then it executed, this is because HTML Help files (.chm) can arrange in turn to run code of their choice.

With Version 0.71 the CHM is protected against malicious modification by the Authenticode signature.

Buffer Overflow in Unix PuTTY

Up to and including version 0.70, the Unix PuTTY tools used select(2) to watch their collections of active Unix file descriptors for activity. As of 0.71, all the Unix PuTTY tools have switched to monitoring file descriptors using poll(2), which does not have this API bug.

Authentication Prompts

Up to and including version 0.70, the PuTTY tools had no way to indicate whether a piece of terminal output was a genuine user-authentication prompt, starting from version 0.71, the data that was legitimately emitted by the local PuTTY during SSH connection setup is marked with what our code describes as a ‘trust sigil’.

Cryptographic Random Numbers

Up to version 0.70 cryptographic random number generator could occasionally use the same batch of random bytes twice, with that entire random number generator has been completely replaced with a freshly written one based on Schneier and Ferguson’s algorithm.

DoS if Many Unicode

Up to version 0.70, PuTTY’s terminal emulator supports remembering an unlimited number of combining characters in each character cell of the terminal. With 0.71, this is fixed by limiting each character cell to at most 32 combining characters.

DoS by Terminal output

With version 0.70 and below the GTK front end to PuTTY’s terminal emulator would fail an assertion in a corner case, starting from 0.71, this assertion failure is fixed. PuTTY will cleanly handle this case.

DoS by Terminal output CJK

Up to version 0.70, PuTTY’s terminal emulator would fail an assertion if the terminal is exactly one column wide and the terminal output stream tries to print a width-2 character. With 0.71, this assertion failure is fixed.

Users are recommended to PuTTY 0.71 that covers all the bugs, Latest version of PuTTY can be downloaded from here.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Ghidra – Free Reverse Engineering Tool Released by NSA

Wireshark 3.0.0 Released With Support for Npcap Packet Capturing Library

Website

Latest articles

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles