#VU42655 Buffer overflow in PuTTY - CVE-2013-4206

Cybersecurity Help s.r.o.

Published: 2013-08-20 | Updated: 2020-08-10

Vulnerability identifier: #VU42655

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2013-4206

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PuTTY
Client/Desktop applications / Software for system administration

Vendor: Simon Tatham

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.

Mitigation
Install update from vendor's website.

Vulnerable software versions

PuTTY: 0.45 - 0.61

External links
https://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html
https://secunia.com/advisories/54379
https://secunia.com/advisories/54533
https://svn.tartarus.org/sgt/putty/sshbn.c?sortby=date&r1=9977&r2=9976&pathrev=9977
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html
https://www.debian.org/security/2013/dsa-2736
https://www.openwall.com/lists/oss-security/2013/08/06/11

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for FileZilla

Multiple vulnerabilities in PuTTY