[vox] [Fwd: [IPS] PUTTY SSH-Client Exploit]

ME dugan at passwall.com
Sun Dec 29 21:39:38 PST 2002


Followup:
Version 0.53b is patched for this.

See:
http://online.securityfocus.com/archive/1/303537

About 1 page down:
*PuTTY SSH client for Windows
  v0.53 and earlier (v0.53b not affected)

So, if you use *windows* (blech) to connect to Linux boxes with SSH,
consider an upgrade to v0.53b
(Btw, my work machine runs Linux, and a licensed copy of vmware runs in
Linux with Windows 2K, ASE - so realize, this *is* the pot calling the
kettle black scenario. ;-))

Where to upgrade?:
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
or choose a mirror:
http://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html

Check published md5sum for it/them:
(Available as a file for download from the downloads page or mirrors)


ME said:
> Since this is really a *windows* application, and not a Linux one, I
> debated passing on this notice to Linux lists. :-/
>
> Obviously, you can see my decision. ;-)
>
> (The original bugtraq post, minus the attachment, is found at the bottom
> of this message, while a URL to the post with attachment can be found at:
> http://online.securityfocus.com/archive/1/304609/2002-12-27/2003-01-02/0
> )
>
> Putty site:
> http://www.chiark.greenend.org.uk/~sgtatham/putty/
>
> AFAIK, there is no explicit statement of this bug being fixed in the
> latest version of putty (v0.53b):
> http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
>
> This security announcement made Dec 28th. Original announcement made
> Dec 16th, latest copy of Putty (0.53b) released December 12th. :-/
>
>
>
> -------- Original Message --------
> Subject: [IPS] PUTTY SSH-Client Exploit
> From: Daniel Alcántara de la Hoz <seguridad at iproyectos.net>
> Date: Sat, December 28, 2002 7:51 am
> To: <bugtraq at securityfocus.com>
>
> -----------------------------------------------------------
> I-PROYECTOS  Division Seguridad (Security Research)
> -----------------------------------------------------------
>    2003 seguridad at iproyectos.net
>
>    Proof of concept code / Exploit
> -----------------------------------------------------------
>
>  On December 16, 2002, Rapid 7, Inc. released a security alert about
> vulnerabilities in ssh2 implementations from multiple vendors. We have
> used the concept to code this exploit/proof of concept.
>
>  It's a fake server to exploit the putty client. To test it you need to
> change the url in the shellcode; that file will be downloaded and run on
> exploitation.
>
>  This is intended for educational/testing purposes.
>
>  -----------------------------------------------------------
> Developed by:
>              Rand ( jcamilleri at ono.com )
>              Dani ( dani at iproyectos.net )
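
The "check published md5sum" step from the followup above, as an added example that is not part of the original message or the PuTTY project's own tooling. It assumes the published list uses md5sum(1) format ("<hash>  <name>" per line); the function name verify_md5 is hypothetical.

```shell
#!/bin/sh
# Added example: verify a downloaded file against a published md5sum list.
# Assumption: list lines look like "<32 hex digits>  [dir/]<name>" as written
# by md5sum(1); file names containing spaces are not handled.

# verify_md5 FILE LIST
#   returns 0 on match, 1 on mismatch, 2 if LIST has no entry for FILE
verify_md5() {
    file=$1
    list=$2
    name=$(basename "$file")

    # Pick the hash whose name field equals the file name exactly, after
    # stripping the binary-mode "*" marker and any directory prefix.
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f); sub(/^.*\//, "", f) }
        f == n { print tolower($1); exit }' "$list")

    # Fail closed: a list that never mentions the file proves nothing.
    if [ -z "$expected" ]; then
        echo "no checksum entry for $name in $list" >&2
        return 2
    fi

    actual=$(md5sum "$file" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "OK: $name"
        return 0
    fi
    echo "MISMATCH: $name expected=$expected actual=$actual" >&2
    return 1
}
```

Call it as `verify_md5 putty.exe md5sums`. A list fetched from the same mirror as the binary only detects a corrupted transfer, so take the list from the main downloads page when the binary comes from a mirror.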




