Back to search
CVE-2013-4206
Published: Aug 19, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63
mailing-list
x_refsource_MLIST
54533
third-party-advisory
x_refsource_SECUNIA
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html
x_refsource_CONFIRM
DSA-2736
vendor-advisory
x_refsource_DEBIAN
openSUSE-SU-2013:1347
vendor-advisory
x_refsource_SUSE
54379
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now