PuTTY has released its latest version of the software which includes security patches for 8 high-severity security vulnerabilities. Almost 20 months after releasing the last version of its software, the developers of PuTTY earlier this week released the latest version 0.71 for Windows and Unix operating systems.
According to an advisory, all previous versions of the PuTTY software have been found vulnerable to multiple security vulnerabilities. Here below I have listed all 8 vulnerabilities with brief information that PuTTY 0.71 has patched:
1) Authentication Prompt Spoofing — PuTTY doesn’t have a way to indicate whether a piece of terminal output is genuine, the user-interface issue could be exploited by a malicious server to generate a fake authentication prompt at the client side, prompting victims to enter their private key passphrases.
2) Code Execution via CHM Hijacking — When a user launches the online help within the PuTTY GUI tools, the software tries to locate its help file alongside its own executable.
3) Buffer Overflow in Unix PuTTY Tools — If a server opens too many port forwardings, PuTTY does not bounds-check the input file descriptor it collects while monitoring the collections of active Unix file descriptors for activity, leading to a buffer overflow issue.
4) Reusing Cryptographic Random Numbers — This issue resides in the way cryptographic random number generator in PuTTY, occasionally using the same batch of random bytes twice.
5) Integer Overflow Flaw — All prior versions of PuTTY suffers an Integer overflow issue due to missing key-size check-in RSA key exchange.
6, 7 and 8) Terminal DoS Attacks — Last three vulnerabilities in PuTTY allows a server to crash, or slow down client’s terminal by sending different text outputs.
Servers can send a long unbroken string of Unicode characters to the client’s terminal, which could lead to a denial-of-service attack by causing the system to allocate potentially unlimited amounts of memory.