[Fwd: [IPS] PUTTY SSH-Client Exploit]
ME
dugan at passwall.com
Sun Dec 29 17:15:24 PST 2002
Since this is really a *windows* application, and not a Linux one, I
debated passing on this notice to Linux lists. :-/
Obviously, you can see my decision. ;-)
(The original bugtraq post, minus the attachment is found at the bottom
of this message. while a URL to the post with attachment can be found:
http://online.securityfocus.com/archive/1/304609/2002-12-27/2003-01-02/0
)
Putty site:
http://www.chiark.greenend.org.uk/~sgtatham/putty/
AFAIK, there is no explicit statement of this bug being fixed in the
latest version of putty (v0.53b):
http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
This security announcement made Dec, 28th. Original announcement made Dec
16th, latest copy of Putty (0.53b) released December 12th. :-/
-------- Original Message --------
Subject: [IPS] PUTTY SSH-Client Exploit
From: =?iso-8859-1?Q?Daniel_Alc=E1ntara_de_la_Hoz?=
<seguridad at iproyectos.net> Date: Sat, December 28, 2002 7:51 am
To: <bugtraq at securityfocus.com>
-----------------------------------------------------------
I-PROYECTOS Division Seguridad (Security Research)
-----------------------------------------------------------
2003 seguridad at iproyectos.net
Proof of concept code / Exploit
-----------------------------------------------------------
In December 16, 2002 Rapid 7.Inc released a security alert about
vulnerabilities in ssh2 implementations from multiple vendors. We have
used the concept to code this exploit/proof of concept.
It's a fake server to exploit the putty client. To test it you need to
change the url in the shellcode; that file will be downloaded and run on
exploitation.
This is intented for educational/testing purposes.
-----------------------------------------------------------
Developed by:
Rand ( jcamilleri at ono.com )
Dani ( dani at iproyectos.net )
More information about the talk
mailing list