Weak File Permissions in PuTTY Affect Sensitive Data Access
CVE-2006-7162

Currently unrated

Key Information:

Vendor: Putty
Status: Putty
Vendor: CVE Published:; 7 March 2007

What is CVE-2006-7162?

PuTTY versions up to 0.59 are susceptible to a vulnerability due to inadequate file permissions for private key files (.ppk) generated by puttygen and session logs created by PuTTY. This oversight allows local users to potentially access sensitive information contained within these files, posing a significant risk to data confidentiality.

References

http://secunia.com/advisories/24381

third-party-advisoryx_refsource_SECUNIA

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 7, 2007

Putty

What is CVE-2006-7162?

References

Timeline