[28371] in bugtraq
Re: [IPS] PUTTY SSH-Client Exploit
daemon@ATHENA.MIT.EDU (Owen Dunn)
Sat Jan 4 18:33:29 2003
To: bugtraq@securityfocus.com
From: Owen Dunn <owend@chiark.greenend.org.uk>
Date: 04 Jan 2003 23:22:55 +0000
In-Reply-To: Daniel Alcántara de la Hoz's message of "Sat, 28 Dec 2002 19:32:01 GMT"
Message-ID: <83vg14sdo0.fsf@chiark.greenend.org.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Daniel Alcántara de la Hoz <seguridad@iproyectos.net> writes:
> In December 16, 2002 Rapid 7.Inc released a security alert about
> vulnerabilities in ssh2 implementations from multiple vendors. We
> have used the concept to code this exploit/proof of concept.
>
> It's a fake server to exploit the putty client. To test it you need
> to change the url in the shellcode; that file will be downloaded and
> run on exploitation.
I should point out that the vulnerabilities uncovered by Rapid 7 were
fixed in PuTTY 0.53b, released on November 12th 2002.
(S) (PuTTY team member)
