Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PuTTY和KiTTY 基于栈的缓冲区溢出漏洞
Vulnerability Description
PuTTY是软件开发者Simon Tatham所研发的一套免费的Telnet、Rlogin和SSH客户端软件。该软件主要用于对Linux系统进行远程管理。KiTTY是其中的一个版本号且只能用于Windows系统。 PuTTY 0.67之前版本和KiTTY 0.66.6.3及之前版本的SCP command-line功能中存在基于栈的缓冲区溢出漏洞。远程攻击者可借助SCP下载请求的SCP-SINK file-size响应利用该漏洞造成拒绝服务(栈内存损坏)或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A