Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PuTTY Private Key ’putty/sshdss.c‘多个信息泄露漏洞
Vulnerability Description
PuTTY是软件开发者Simon Tatham所研发的一套免费的Telnet、Rlogin和SSH客户端软件。该软件主要用于对Linux系统进行远程管理。 PuTTY 0.62及之前版本中的‘rsa_verify’函数中存在漏洞。该漏洞源于程序没有将使用后的敏感进程内存清除,并且没能够释放含有敏感进程内存的结构。本地攻击者可利用该漏洞发现私有RSA和DSA密钥信息。
CVSS Information
N/A
Vulnerability Type
N/A