Integer Overflow Vulnerabilities in PSFTP and PSCP Clients from PuTTY
CVE-2005-0467

Currently unrated

Key Information:

Vendor

Putty

Status
Putty
Vendor
CVE Published:
21 February 2005

What is CVE-2005-0467?

Multiple integer overflow vulnerabilities have been identified in the PSFTP and PSCP clients of PuTTY. These vulnerabilities arise in the functions responsible for parsing SFTP packets, namely sftp_pkt_getstring and fxp_readdir_recv. Under certain conditions, a malicious remote website could exploit these vulnerabilities by sending specially crafted SFTP responses, leading to heap corruption due to insufficient memory allocation. This situation could potentially allow for arbitrary code execution on the affected systems, undermining their security and integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/19403
vdb-entryx_refsource_XF
http://www.idefense.com/application/poi/display?id=201&ty...
third-party-advisoryx_refsource_IDEFENSE

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.