Required CVE Record Information
Description
Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.
References 9 Total
- http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414
- exchange.xforce.ibmcloud.com: putty-sftppktgetstring-bo(19403) vdb-entry
- idefense.com: 20050221 Multiple PuTTY SFTP Client Packet Parsing Integer Overflow Vulnerabilities third-party-advisory
- secunia.com: 14333 third-party-advisory
- gentoo.org: GLSA-200502-28 vendor-advisory
- http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416
- http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html
- http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html
- secunia.com: 17214 third-party-advisory