|
|
Log in / Subscribe / Register

putty: information disclosure

Package(s):putty, filezilla CVE #(s):CVE-2015-2157
Created:March 9, 2015 Updated:March 29, 2015
Description: From the Mageia advisory:

PuTTY suite versions 0.51 to 0.63 fail to clear SSH-2 private key information from memory when loading and saving key files to disk, leading to potential disclosure. The issue affects keys stored on disk in encrypted and unencrypted form, and is present in PuTTY, Plink, PSCP, PSFTP, Pageant and PuTTYgen.

Alerts:
Arch Linux ASA-201503-1 putty 2015-03-02
openSUSE openSUSE-SU-2015:0474-1 putty 2015-03-11
Mageia MGASA-2015-0098 putty, filezilla 2015-03-06
Fedora FEDORA-2015-3204 putty 2015-03-14
Fedora FEDORA-2015-3160 putty 2015-03-14
Debian-LTS DLA-173-1 putty 2015-03-15
Debian DSA-3190-1 putty 2015-03-15
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds