[Fwd: [IPS] PUTTY SSH-Client Exploit]

Lincoln Peters lincoln_peters at hotmail.com
Sun Dec 29 20:20:02 PST 2002


I am certain that there are lots of people (many of whom may be teaching or 
studying UNIX at the Santa Rosa Junior College) who will benefit from 
knowing this.


>From: "ME" <dugan at passwall.com>
>Reply-To: <talk at nblug.org>
>To: <talk at nblug.org>, <vox at lists.lugod.org>
>Subject: [Fwd: [IPS] PUTTY SSH-Client Exploit]
>Date: Sun, 29 Dec 2002 17:15:24 -0800 (PST)
>
>Since this is really a *windows* application, and not a Linux one, I
>debated passing on this notice to Linux lists. :-/
>
>Obviously, you can see my decision. ;-)
>
>(The original bugtraq post, minus the attachment, is found at the bottom
>of this message, while a URL to the post with attachment can be found:
>http://online.securityfocus.com/archive/1/304609/2002-12-27/2003-01-02/0
>)
>
>Putty site:
>http://www.chiark.greenend.org.uk/~sgtatham/putty/
>
>AFAIK, there is no explicit statement of this bug being fixed in the
>latest version of putty (v0.53b):
>http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
>
>This security announcement made Dec. 28th. Original announcement made Dec
>16th, latest copy of Putty (0.53b) released December 12th. :-/
>
>
>
>-------- Original Message --------
>Subject: [IPS] PUTTY SSH-Client Exploit
>From: Daniel Alcántara de la Hoz <seguridad at iproyectos.net>
>Date: Sat, December 28, 2002 7:51 am
>To: <bugtraq at securityfocus.com>
>
>-----------------------------------------------------------
>I-PROYECTOS  Division Seguridad (Security Research)
>-----------------------------------------------------------
>    2003 seguridad at iproyectos.net
>
>    Proof of concept code / Exploit
>-----------------------------------------------------------
>
>  On December 16, 2002, Rapid 7, Inc. released a security alert about
>vulnerabilities in ssh2 implementations from multiple vendors. We have
>used the concept to code this exploit/proof of concept.
>
>  It's a fake server to exploit the putty client. To test it you need to
>change the url in the shellcode; that file will be downloaded and run on
>exploitation.
>
>  This is intended for educational/testing purposes.
>
>  -----------------------------------------------------------
>Developed by:
>              Rand ( jcamilleri at ono.com )
>              Dani ( dani at iproyectos.net )
>
>

