PuTTY Information for VU#389665

Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization

Status

Affected

Vendor Statement

PuTTY versions 0.53 and earlier are vulnerable to a buffer overrun discovered by SSHredder. Version 0.53b fixes this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

PuTTY acknowledged the existence of this vulnerability on 2002-11-07. See also: