Lucene search
DebianDEBIAN:DLA-173-1:1CF51HistoryMar 15, 2015 - 6:12 p.m.
[SECURITY] [DLA 173-1] putty security update
2015-03-1518:12:02
lists.debian.org
10
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Package : putty
Version : 0.60+2010-02-20-1+squeeze3
CVE ID : CVE-2015-2157
Debian Bug : 779488
MATTA-2015-002
Florent Daigniere discovered that PuTTY did not enforce an
acceptable range for the Diffie-Hellman server value, as required by
RFC 4253, potentially allowing an eavesdroppable connection to be
established in the event of a server weakness.
#779488
CVE-2015-2157
Patrick Coleman discovered that PuTTY did not clear SSH-2 private
key information from memory when loading and saving key files, which
could result in disclosure of private key material.
–
Colin Watson [[email protected]]
Attachment:
signature.asc
Description: Digital signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | i386 | pterm | < 0.62-9+deb7u2 | pterm_0.62-9+deb7u2_i386.deb |
| Debian | 7 | all | putty-doc | < 0.62-9+deb7u2 | putty-doc_0.62-9+deb7u2_all.deb |
| Debian | 7 | armhf | putty-tools | < 0.62-9+deb7u2 | putty-tools_0.62-9+deb7u2_armhf.deb |
| Debian | 7 | mips | pterm | < 0.62-9+deb7u2 | pterm_0.62-9+deb7u2_mips.deb |
| Debian | 7 | s390x | putty-tools | < 0.62-9+deb7u2 | putty-tools_0.62-9+deb7u2_s390x.deb |
| Debian | 7 | ia64 | putty | < 0.62-9+deb7u2 | putty_0.62-9+deb7u2_ia64.deb |
| Debian | 7 | amd64 | pterm | < 0.62-9+deb7u2 | pterm_0.62-9+deb7u2_amd64.deb |
| Debian | 7 | sparc | putty | < 0.62-9+deb7u2 | putty_0.62-9+deb7u2_sparc.deb |
| Debian | 7 | kfreebsd-i386 | putty-tools | < 0.62-9+deb7u2 | putty-tools_0.62-9+deb7u2_kfreebsd-i386.deb |
| Debian | 7 | armel | putty | < 0.62-9+deb7u2 | putty_0.62-9+deb7u2_armel.deb |
Related
cve
cve
CVE-2015-2157
2015-03-27 14:59:05
nessus
nessus
Fedora 22 : putty-0.64-1.fc22 (2015-3070)
2015-03-17 00:00:00
Debian DLA-173-1 : putty security update
2015-03-26 00:00:00
openSUSE Security Update : putty (openSUSE-2015-218)
2015-03-12 00:00:00
prion
prion
Design/Logic Flaw
2015-03-27 14:59:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0098)
2022-01-28 00:00:00
Fedora Update for putty FEDORA-2015-3070
2015-07-07 00:00:00
PuTTY Information Disclosure vulnerability (Mar 2015) - Windows
2015-03-31 00:00:00
nvd
nvd
CVE-2015-2157
2015-03-27 14:59:05
fedora
fedora
[SECURITY] Fedora 21 Update: putty-0.64-1.fc21
2015-03-14 09:23:10
[SECURITY] Fedora 20 Update: putty-0.64-1.fc20
2015-03-14 09:13:42
[SECURITY] Fedora 22 Update: putty-0.64-1.fc22
2015-03-13 17:26:13
archlinux
archlinux
putty: information disclosure
2015-03-02 00:00:00
ubuntucve
ubuntucve
CVE-2015-2157
2015-03-27 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3190-1] putty security update
2015-03-18 00:00:00
putty information leakage
2015-03-18 00:00:00
cvelist
cvelist
CVE-2015-2157
2015-03-27 14:00:00
freebsd
freebsd
PuTTY -- fails to scrub private keys from memory after use
2015-02-28 00:00:00
kaspersky
kaspersky
KLA11444 OSI vulnerability in PuTTY
2015-03-27 00:00:00
mageia
mageia
Updated putty and filezilla packages fix CVE-2015-2157
2015-03-06 21:08:57
osv
osv
putty - security update
2015-03-15 00:00:00
debiancve
debiancve
CVE-2015-2157
2015-03-27 14:59:05
debian
debian
[SECURITY] [DSA 3190-1] putty security update
2015-03-15 19:50:11
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIAN:DLA-173-1:1CF51