
Are we vulnerable for the "PuTTY SSH handshake heap overflow"? #79

Closed
wschoot opened this Issue · 3 comments

2 participants

@wschoot

Hi,

As found on bugtraq on http://seclists.org/bugtraq/2013/Aug/26:

PuTTY versions 0.62 and earlier - as well as all software that
integrates these versions of PuTTY - are vulnerable to an integer overflow
leading to heap overflow during the SSH handshake before authentication,
caused by improper bounds checking of the length parameter received from the
SSH server.

Are we vulnerable?
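An illustration of the bug class the advisory describes, as an added example that is not PuTTY's code and not from anyone in this thread: an SSH "string" field (uint32 length plus payload) is parsed once with a length check done on a 32-bit sum that can wrap, and once with the length compared against the bytes actually remaining. The packet bytes are constructed; no copy is performed, the functions only report whether the field would be accepted.

```c
#include <stdint.h>
#include <stddef.h>

/* One SSH "string" field: a uint32 big-endian length followed by that many bytes. */
typedef struct {
    const unsigned char *data;  /* points into the packet when accepted */
    uint32_t len;
} ssh_string;

static uint32_t get_u32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/*
 * Flawed check of the kind the advisory describes (constructed for
 * illustration): the bounds test uses len + 4 in 32-bit arithmetic, so a
 * length near UINT32_MAX wraps to a tiny value, the test passes, and a
 * later copy of `len` bytes would run far past the packet buffer.
 * Returns 1 if the field is accepted, 0 if rejected.
 */
int parse_string_flawed(const unsigned char *pkt, uint32_t pktlen,
                        uint32_t pos, ssh_string *out) {
    if (pos + 4 > pktlen) return 0;
    uint32_t len  = get_u32(pkt + pos);
    uint32_t need = len + 4;              /* wraps when len >= 0xFFFFFFFC */
    if (pos + need > pktlen) return 0;    /* wrapped value slips through */
    out->data = pkt + pos + 4;
    out->len  = len;
    return 1;
}

/* Hardened version: compare len against the bytes actually remaining in the
 * packet; no addition that could overflow is performed on attacker data. */
int parse_string_safe(const unsigned char *pkt, uint32_t pktlen,
                      uint32_t pos, ssh_string *out) {
    if (pos > pktlen || pktlen - pos < 4) return 0;
    uint32_t len       = get_u32(pkt + pos);
    uint32_t remaining = pktlen - pos - 4;  /* cannot underflow: checked above */
    if (len > remaining) return 0;          /* rejects the oversized length */
    out->data = pkt + pos + 4;
    out->len  = len;
    return 1;
}

/* Constructed packets (not real captures): a valid 3-byte string, and a
 * header claiming 0xFFFFFFFE bytes while only 3 payload bytes follow. */
static const unsigned char good_pkt[] = { 0x00, 0x00, 0x00, 0x03, 'a', 'b', 'c' };
static const unsigned char evil_pkt[] = { 0xFF, 0xFF, 0xFF, 0xFE, 'x', 'y', 'z' };
```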

@FauxFaux FauxFaux referenced this issue from a commit
simon GH-79: backport supposed fix for CVE-2013-4852
"Add an assortment of extra safety checks."

Direct cherry-pick of svn://svn.tartarus.org/sgt/putty@9896
76ba385
@FauxFaux
Owner

For the stable release, probably, although it is being built with compiler checks which should make it harder to exploit.

I've released the supposed fix as p0.62-t014, just in case.

@FauxFaux FauxFaux closed this
@FauxFaux
Owner

Sigh, a new release from trunk, with /everything/ in. I'm not convinced I'm ready to do that yet.

@FauxFaux FauxFaux reopened this
@FauxFaux FauxFaux referenced this issue from a commit
simon GH-79: backport supposed fix for vuln-modmul
"Fix an array-size bug in modmul, and add some tests for it."

svn://svn.tartarus.org/sgt/putty@9977
f734d72
@FauxFaux FauxFaux referenced this issue from a commit
simon GH-79: backport supposed fix for vuln-bignum-division-by-zero
The bignum code has two representations of zero, since
bn_restore_invariant (and the many loops that duplicate it) leaves a
single zero word in a bignum representing 0, whereas the constant
'Zero' does not have any data words at all. Cope with this in
bignum_cmp.

(It would be a better plan to decide on one representation and stick
with it, but this is the less disruptive fix for the moment.)

svn://svn.tartarus.org/sgt/putty@9996

Conflicts:
	sshbn.c
48091be
@FauxFaux FauxFaux referenced this issue from a commit
simon GH-79: Backport fix for private-key-not-wiped
Another couple of memory leaks.

svn://svn.tartarus.org/sgt/putty@9988
61c5a83
@FauxFaux
Owner

I've backported all the fixes mentioned in the 0.63 release, however I'm not convinced these are actually all the security fixes, just all the ones identified.

vuln-modmul, vuln-signature-stringlen, vuln-bignum-division-by-zero, private-key-not-wiped

I will endeavour to get an alpha or beta of p0.63-t016 or so out soon(!).

@FauxFaux FauxFaux closed this