diff options
author | Josef El-Rayes <josef@FreeBSD.org> | 2004-11-04 00:05:23 +0000 |
---|---|---|
committer | Josef El-Rayes <josef@FreeBSD.org> | 2004-11-04 00:05:23 +0000 |
commit | 2b56e8635b44201385eed75f67891307e550c2c5 (patch) | |
tree | 72af6b9191efff00df990a2fd9c4a4683803d900 /security/vuxml/vuln.xml | |
parent | 451cac29b5579c994b33cc6411570ae8855f0b1e (diff) | |
download | ports-2b56e8635b44201385eed75f67891307e550c2c5.tar.gz ports-2b56e8635b44201385eed75f67891307e550c2c5.zip |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r-- | security/vuxml/vuln.xml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 97282b50bb98..0c01b3a3e75c 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,34 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="19518d22-2d05-11d9-8943-0050fc56d258"> + <topic>putty -- buffer overflow vulnerability in ssh2 support</topic> + <affects> + <package> + <name>putty</name> + <range><lt>0.56</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>There is a bug in SSH2 support that allows a server to execute + malicious code on a connecting PuTTY client. + This attack can be performed before host key verification happens, + so a different machine -- man in the middle attack -- could fake + the machine you are connecting to.</p> + </body> + </description> + <references> + <mlist msgid="1CE07882ECEE894CA2D5A89B8DEBC4010A2DD2@porgy.admin.idefense.com>">http://marc.theaimsgroup.com/?l=bugtraq&m=109890310929207</mlist> + <url>http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml</url> + <url>http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ssh2-debug.html</url> + </references> + <dates> + <discovery>2004-10-26</discovery> + <entry>2004-11-02</entry> + </dates> + </vuln> + <vuln vid="e0070221-2dd8-11d9-a9e7-0001020eed82"> <topic>wzdftpd -- remote DoS</topic> <affects> |