Detections
Analytics

openSUSE 16 Security Update : putty (openSUSE-SU-2026:20851-1)

high Nessus Plugin ID 318189

Synopsis

The remote openSUSE host is missing a security update.

Description

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20851-1 advisory.

 Changes in putty:

 - Update to release 0.84
 * Fixed a remotely triggerable double-free in RSA key exchange.
 * Fixed a remotely triggerable crash (assertion failure - program termination) in NIST ECDSA signature verification.
 * Fixed marking of Telnet and Rlogin session data with a trust sigil after you authenticated to a proxy (possibly allowing a server to spoof a repeat proxy password prompt).
 * New ability to run a specified command before starting the connection, e.g. to perform wake-on-LAN or a port knock.
 * Display 'pre-edit text', showing the progress of using multiple keystrokes to compose a single Unicode character.
 * Improved support for to running the GUI tools on Wayland (fixed startup issues and tuned performance).
 * Configuring a SSH certificate authority used to fail unless you manually made a config directory, now fixed.
 * Fixed a spurious Network error: Socket is not connected when authenticating to some HTTP proxies.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected putty package.

Plugin Details

Severity: High

ID: 318189

File Name: openSUSE-2026-20851-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 6/2/2026

Updated: 6/2/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Vulnerability Information

CPE: cpe:/o:novell:opensuse:16.0, p-cpe:/a:novell:opensuse:putty

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/31/2026

Vulnerability Publication Date: 5/31/2026