Lucene search
GoogleOSV:DLA-173-1HistoryMar 15, 2015 - 12:00 a.m.
putty - security update
2015-03-1500:00:00
Google
osv.dev
12
0.0004 Low
EPSS
Percentile
5.1%
MATTA-2015-002
Florent Daigniere discovered that PuTTY did not enforce an
acceptable range for the Diffie-Hellman server value, as required by
RFC 4253, potentially allowing an eavesdroppable connection to be
established in the event of a server weakness.
#779488,
CVE-2015-2157
Patrick Coleman discovered that PuTTY did not clear SSH-2 private
key information from memory when loading and saving key files, which
could result in disclosure of private key material.
For Debian 6 Squeeze, these issues have been fixed in putty version 0.60+2010-02-20-1+squeeze3
| CPE | Name | Operator | Version |
|---|---|---|---|
| putty | eq | 0.60+2010-02-20-1+squeeze1 | |
| putty | eq | 0.60+2010-02-20-1 | |
| putty | eq | 0.60+2010-02-20-1+squeeze2 |
References
Related
cve
cve
CVE-2015-2157
2015-03-27 14:59:05
nessus
nessus
Fedora 22 : putty-0.64-1.fc22 (2015-3070)
2015-03-17 00:00:00
Debian DLA-173-1 : putty security update
2015-03-26 00:00:00
openSUSE Security Update : putty (openSUSE-2015-218)
2015-03-12 00:00:00
prion
prion
Design/Logic Flaw
2015-03-27 14:59:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0098)
2022-01-28 00:00:00
Fedora Update for putty FEDORA-2015-3070
2015-07-07 00:00:00
PuTTY Information Disclosure vulnerability (Mar 2015) - Windows
2015-03-31 00:00:00
nvd
nvd
CVE-2015-2157
2015-03-27 14:59:05
fedora
fedora
[SECURITY] Fedora 21 Update: putty-0.64-1.fc21
2015-03-14 09:23:10
[SECURITY] Fedora 20 Update: putty-0.64-1.fc20
2015-03-14 09:13:42
[SECURITY] Fedora 22 Update: putty-0.64-1.fc22
2015-03-13 17:26:13
archlinux
archlinux
putty: information disclosure
2015-03-02 00:00:00
ubuntucve
ubuntucve
CVE-2015-2157
2015-03-27 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3190-1] putty security update
2015-03-18 00:00:00
putty information leakage
2015-03-18 00:00:00
cvelist
cvelist
CVE-2015-2157
2015-03-27 14:00:00
freebsd
freebsd
PuTTY -- fails to scrub private keys from memory after use
2015-02-28 00:00:00
kaspersky
kaspersky
KLA11444 OSI vulnerability in PuTTY
2015-03-27 00:00:00
mageia
mageia
Updated putty and filezilla packages fix CVE-2015-2157
2015-03-06 21:08:57
debiancve
debiancve
CVE-2015-2157
2015-03-27 14:59:05
debian
debian
[SECURITY] [DSA 3190-1] putty security update
2015-03-15 19:50:11
[SECURITY] [DLA 173-1] putty security update
2015-03-15 18:12:02