CVE-2004-1008 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Putty

4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

9.2%

top 7.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Putty Debian Putty Tortoisecvs

Timeline

PublishedJan 10

Latest updateApr 29

Description

Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

▶debiandebian/putty< putty 0.56-1 (bookworm)

▶Debianputty/putty< 0.56-1+3

▶NVDputty/putty9 versions+8

▶NVDtortoisecvs/tortoisecvs1.8

Patches

Patch: www.gentoo.org ↗Patch: www.securityfocus.com ↗Patch: www.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-2rqg-r6g4-rvxh: Integer signedness error in the ssh2_rdpkt function in PuTTY before 0↗2022-04-29

▶

OSV

CVE-2004-1008: Integer signedness error in the ssh2_rdpkt function in PuTTY before 0↗2005-01-10

▶

📋Vendor Advisories

Debian

CVE-2004-1008: putty - Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows ...↗2004

▶