The host is installed with PuTTY and is prone to multiple integer overflow vulnerabilities.

Successful exploitation will allow attackers to cause heap-based buffer overflows, resulting in a denial of service or potentially allowing the execution of arbitrary code.

Upgrade to version 0.63 or later, For updates refer to http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Multiple Integer overflow errors due to, - Improper processing of public-key signatures. - Improper validation of DSA signatures in the 'modmul()' function (putty/sshbn.c) - Not removing sensitive data stored in the memory after it is no longer needed. - Input is not properly validated when handling negative SSH handshake message lengths in the getstring() function in sshrsa.c and sshdss.c.

PuTTY version before 0.63 on Windows

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

• http://seclists.org/oss-sec/2013/q3/289
• http://seclists.org/oss-sec/2013/q3/291
• http://secunia.com/advisories/54354
• http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html
• http://www.osvdb.com/95970
• http://www.osvdb.com/96080
• http://www.osvdb.com/96081

---

Updated on 2017-03-28