Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Putty < 0.54 SSH2 Authentication Password Persistence Weakness

Low

Synopsis

The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.

Description

The remote host is using a vulnerable version of PuTTY, a SSH client built for Linux and UNIX variants as well as Microsoft Windows operation systems. It has been reported that PuTTY does not safely handle password information. As a result, a local user may be able to recover authentication passwords.

Solution

Upgrade to PuTTY 0.54 or higher.