#VU42657 Information disclosure in PuTTY - CVE-2013-4208

Cybersecurity Help s.r.o.

Published: 2013-08-20 | Updated: 2020-08-10

Vulnerability identifier: #VU42657

Vulnerability risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2013-4208

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PuTTY
Client/Desktop applications / Software for system administration

Vendor: Simon Tatham

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.

Mitigation
Install update from vendor's website.

Vulnerable software versions

PuTTY: 0.45 - 0.61

External links
https://lists.opensuse.org/opensuse-updates/2013-08/msg00035.html
https://secunia.com/advisories/54379
https://secunia.com/advisories/54533
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html
https://www.debian.org/security/2013/dsa-2736
https://www.openwall.com/lists/oss-security/2013/08/06/11

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for FileZilla

Multiple vulnerabilities in PuTTY