WCM Forum - Einzelnen Beitrag anzeigen

_m3 · 27.10.2004, 18:57

ANOTHER SECURITY HOLE, fixed in PuTTY 0.56

PuTTY 0.56, released today, fixes a serious security hole which can allow a server to execute code of its choice on a PuTTY client connecting to it. In SSH2, the attack can be performed before host key verification, meaning that even if you trust the server you think you are connecting to, a different machine could be impersonating it and could launch the attack before you could tell the difference. We recommend everybody upgrade to 0.56 as soon as possible.
http://www.chiark.greenend.org.uk/~sgtatham/putty/

27.10.2004, 18:57	#1
_m3 Inventar Registriert seit: 24.09.2001 Beiträge: 7.335	Putty: Another Security Hole ANOTHER SECURITY HOLE, fixed in PuTTY 0.56 PuTTY 0.56, released today, fixes a serious security hole which can allow a server to execute code of its choice on a PuTTY client connecting to it. In SSH2, the attack can be performed before host key verification, meaning that even if you trust the server you think you are connecting to, a different machine could be impersonating it and could launch the attack before you could tell the difference. We recommend everybody upgrade to 0.56 as soon as possible. http://www.chiark.greenend.org.uk/~sgtatham/putty/ ____________________________________ Weiterhin zu finden auf http://martin.leyrer.priv.at , http://twitter.com/leyrer , http://www.debattierclub.net/ , http://www.tratschen.at/ und via Instant Messaging auf Jabber: m3 <ät> cargal.org .