Putty
CVE-2019-17067
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.
AnalysisAI
PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Allocation of Resources Without Limits (CWE-770), which allows attackers to exhaust system resources through uncontrolled allocation. PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection. Affected products include: Putty. Version information: before 0.73.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Set resource limits, implement rate limiting, validate input sizes.
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows r
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduc
PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. Rated critical severity (CVS
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client for
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication resp
In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected b
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today