Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2016-2563
HistoryApr 07, 2016 - 11:59 p.m.

CVE-2016-2563

2016-04-0723:59:07
CWE-119
[email protected]
web.nvd.nist.gov
46
cve-2016-2563
putty
kitty
buffer overflow
scp
remote servers
denial of service
arbitrary code

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON

Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.

Affected configurations

NVD
Node
9biskittyRangeâ‰Ī0.66.6.3
OR
simon_tathamputtyRangeâ‰Ī0.66

Related

cvelist 1
freebsd 1
debiancve 1
ubuntucve 1
nessus 4
exploitpack 1
zdt 1
seebug 1
mageia 2
kaspersky 1
openvas 3
hackerone 1
nvd 1
prion 1
exploitdb 1
gentoo 1
cvelist
cvelist
CVE-2016-2563
2016-04-07 23:00:00
freebsd
freebsd
PuTTY - old-style scp downloads may allow remote code execution
2016-02-26 00:00:00
debiancve
debiancve
CVE-2016-2563
2016-04-07 23:59:07
ubuntucve
ubuntucve
CVE-2016-2563
2016-04-07 00:00:00
nessus
nessus
PuTTY < 0.67 PSCP Server Header Handling Stack Buffer Overflow
2017-12-11 00:00:00
FreeBSD : PuTTY - old-style scp downloads may allow remote code execution (7f0fbb30-e462-11e5-a3f3-080027ef73ec)
2016-03-08 00:00:00
openSUSE Security Update : putty (openSUSE-2016-667)
2016-06-01 00:00:00
exploitpack
exploitpack
Putty pscp 0.66 - Stack Buffer Overwrite
2016-03-10 00:00:00
zdt
zdt
Putty pscp 0.66 - Stack Buffer Overwrite
2016-03-10 00:00:00
seebug
seebug
PuTTY pscp åŪĒ户įŦŊ栈įž“å†ē匚čĶ†į›–(CVE-2016-2563)
2016-03-07 00:00:00
mageia
mageia
Updated filezilla packages fix security vulnerability
2016-03-25 09:38:37
Updated putty packages fix CVE-2016-2563
2016-03-16 21:07:23
kaspersky
kaspersky
KLA11442 ACE vulnerability in PuTTY
2016-04-07 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0112)
2016-03-17 00:00:00
PuTTY DoS Vulnerability (Apr 2016) - Windows
2016-04-21 00:00:00
Mageia: Security Advisory (MGASA-2016-0118)
2016-03-31 00:00:00
hackerone
hackerone
Internet Bug Bounty: putty pscp client-side post-auth stack buffer overwrite when processing remote file size
2016-03-06 10:10:58
nvd
nvd
CVE-2016-2563
2016-04-07 23:59:07
prion
prion
Stack overflow
2016-04-07 23:59:00
exploitdb
exploitdb
Putty pscp 0.66 - Stack Buffer Overwrite
2016-03-10 00:00:00
gentoo
gentoo
PuTTY: Multiple vulnerabilities
2016-06-05 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON
Related for CVE-2016-2563
cvelist1freebsd1debiancve1ubuntucve1nessus4exploitpack1zdt1seebug1mageia2kaspersky1openvas3hackerone1nvd1prion1exploitdb1gentoo1