Heap-based Buffer Overflows in PuTTY Affecting Remote Authentication
CVE-2004-1440

Currently unrated

Key Information:

Vendor

Putty

Status
Putty
Vendor
CVE Published:
31 December 2004

What is CVE-2004-1440?

Multiple heap-based buffer overflows were found in the modpow function of PuTTY prior to version 0.55. These vulnerabilities allow remote attackers to exploit SSH2 packets by sending a base argument larger than the mod argument, potentially leading to arbitrary code execution. Additionally, malicious servers can trigger a denial of service by sending a large bignum during authentication, which may crash the client and allow further exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml
vendor-advisoryx_refsource_GENTOO
http://www.chiark.greenend.org.uk/~sgtatham/putty/changes...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/10850
vdb-entryx_refsource_BID

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.