You are here
SEARCH-LAB has reported some vulnerabilities in PuTTY
The vulnerabilities can be exploited by malicious people to potentially compromise a user's system.
The vulnerabilities are caused due to some integer overflow errors when handling the SSH handshake and can be exploited to cause heap-based buffer overflows via a negative handshake message length.
Successful exploitation of may allow execution of arbitrary code
Fixed in the source code repository
Voice:Hotline at 1-866-941-2472
World Wide Web: http://energy.gov/cio/services/incident-management
JC3 services are available to JC3-Joint Cybersecurity Coordination Center, and JC3 Contractors.