Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • aports aports
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 750
    • Issues 750
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 332
    • Merge requests 332
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • alpine
  • aportsaports
  • Issues
  • #11919
Closed
Open
Created Sep 03, 2020 by Alicha CH@alichaReporter5 of 5 tasks completed5/5 tasks

putty: Observable Discrepancy leading to an information leak in the algorithm negotiation (CVE-2020-14002)

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).

Fixed In Version:

putty 0.74

Reference:

https://nvd.nist.gov/vuln/detail/CVE-2020-14002

Patch:

https://git.tartarus.org/?p=simon/putty.git;a=commit;h=08f1e2a5066ea95559945af339a60ca14560d764

Affected branches:

  • master (6a05d4c3)
  • 3.12-stable (a6711fc6)
  • 3.11-stable (566840bf)
  • 3.10-stable (200b36bd)
  • 3.9-stable (257a6fda)
Edited Oct 19, 2020 by Natanael Copa
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking