Are we vulnerable for the "PuTTY SSH handshake heap overflow"? #79
As found on bugtraq on http://seclists.org/bugtraq/2013/Aug/26:
PuTTY versions 0.62 and earlier - as well as all software that
Are we vulnerable?
The bignum code has two representations of zero, since bn_restore_invariant (and the many loops that duplicate it) leaves a single zero word in a bignum representing 0, whereas the constant 'Zero' does not have any data words at all. Cope with this in bignum_cmp. (It would be a better plan to decide on one representation and stick with it, but this is the less disruptive fix for the moment.) svn://svn.tartarus.org/sgt/putty@9996 Conflicts: sshbn.c
I've backported all the fixes mentioned in the 0.63 release; however, I'm not convinced these are actually all the security fixes, just all the ones identified.
vuln-modmul, vuln-signature-stringlen, vuln-bignum-division-by-zero, private-key-not-wiped
I will endeavour to get an alpha or beta of p0.63-t016 or so out soon(!).
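The commit message quoted above describes two encodings of zero and a comparison routine that has to cope with both. The following is an added illustration, not PuTTY's or this project's code: it assumes a simplified layout (a length word followed by data words), and the names `cmp_naive`, `cmp_tolerant` and `effective_len` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout: word 0 is the number of data words; data words
 * follow, least significant first. Sample values are constructed. */
typedef uint32_t word_t;
static const word_t ZERO_EMPTY[]   = { 0 };        /* zero, no data words */
static const word_t ZERO_ONEWORD[] = { 1, 0 };     /* zero, one zero word */
static const word_t ONE[]          = { 1, 1 };
static const word_t TWO_POW_32[]   = { 2, 0, 1 };

/* Shared tail: compare two numbers given their lengths in words. */
static int cmp_with_len(const word_t *a, size_t an, const word_t *b, size_t bn)
{
    if (an != bn)
        return an > bn ? 1 : -1;
    for (size_t i = an; i > 0; i--)
        if (a[i] != b[i])
            return a[i] > b[i] ? 1 : -1;
    return 0;
}

/* Trusts the stored length, so the two zeros compare as different. */
int cmp_naive(const word_t *a, const word_t *b)
{
    return cmp_with_len(a, a[0], b, b[0]);
}

/* Treats a lone zero data word as "no data words" before comparing. */
static size_t effective_len(const word_t *n)
{
    return (n[0] == 1 && n[1] == 0) ? 0 : n[0];
}

int cmp_tolerant(const word_t *a, const word_t *b)
{
    return cmp_with_len(a, effective_len(a), b, effective_len(b));
}

int main(void)
{
    printf("naive 0 vs 0:    %d\n", cmp_naive(ZERO_ONEWORD, ZERO_EMPTY));
    printf("tolerant 0 vs 0: %d\n", cmp_tolerant(ZERO_ONEWORD, ZERO_EMPTY));
    printf("tolerant 1 vs 2^32: %d\n", cmp_tolerant(ONE, TWO_POW_32));
    return 0;
}
```

Any guard written as "compare against the zero constant" inherits the naive behaviour: a one-word zero is reported as greater than the empty zero, so the guard does not recognise it as zero.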