[3.2] putty: Integer overflow in the ssh_agent_channel_data (CVE-2017-6542)
In PuTTY before 0.68, if SSH agent forwarding is enabled, local
attackers
that are also able to connect to the UNIX domain socket could have
overwritten heap data
Fixed in version:
putty 0.68
References:
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html
Patch:
https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4ff22863d895cb7ebfced4cf923a012a614adaa8
(from redmine: issue id 7077, created on 2017-03-29, closed on 2017-06-29)
- Relations:
- parent #7073 (closed)
- Changesets:
- Revision 40b12caf on 2017-06-16T06:51:52Z:
main/putty: security upgrade to 0.68 (CVE-2017-6542)
Fixes #7077