PuTTY SSH2 Authentication Password Persistence Weakness Network Vulnerability

Summary

PuTTY is a free SSH client. It has been reported that this version does not safely handle password information. As a result, a local user may be able to recover authentication passwords.

Solution

Upgrade to the newest version of PuTTY

Severity

Classification

CVE CVE-2003-0048
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Microsoft Windows Unauthorized Digital Certificates Spoofing Vulnerability (2718704)
Sun Java Runtime Environment DoS
Microsoft SMB Signing Information Disclosure Vulnerability
Gator/GAIN Spyware Installed
Mozilla/Firefox default installation file permission flaw

PuTTY SSH2 authentication password persistence weakness

Take action and discover your vulnerabilities