SSH Client Vulnerability in PuTTY by Simon Tatham
CVE-2003-0048

Currently unrated

Key Information:

Vendor: Putty
Status: Putty
Vendor: CVE Published:; 19 February 2003

What is CVE-2003-0048?

PuTTY versions 0.53b and earlier contain a critical flaw that does not adequately clear logon credentials from memory. This oversight allows attackers with access to the system's memory to potentially retrieve sensitive SSH credentials, including plaintext passwords. The exploitation of this vulnerability could lead to unauthorized access and increased risk of data breaches, making it essential for users to upgrade to newer versions that address this issue.

References

http://marc.info/?l=bugtraq&m=104386492422014&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securitytracker.com/id?1006014

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/6724

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 19, 2003
Vulnerability Reserved
Jan 28, 2003

Putty

What is CVE-2003-0048?

References

Timeline