PuTTY < 0.55 modpow Function Arbitrary Code Execution
Medium Nessus Network Monitor Plugin ID 1998
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is using a vulnerable version of PuTTY or of a PuTTY-based software (eg. PSCP or WinSCP). PuTTY is a SSH client built for Linux and UNIX variants as well as Microsoft Windows operating systems. Reportedly PuTTY is affected by a remote, pre-authentication memory corruption vulnerability and by a buffer overrun in its SCP client.
SolutionUpgrade to PuTTY 0.55 or higher.