The ssh_agent_channel_data function in PuTTY prior to 0.68 allows remote malicious users to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
putty putty |
||
opensuse project leap 42.1 |
||
opensuse leap 42.2 |