openSUSE-SU-2016:1453-1

Опубликовано: 31 мая 2016

Источник: suse-cvrf

Описание

Security update for putty

This update to putty 0.67 fixes the following vulnerability:

CVE-2016-2563: old-style scp downloads may allow remote code execution (boo#981407)

Список пакетов

openSUSE Leap 42.1

putty-0.67-9.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html
E-Mail link for openSUSE-SU-2016:1453-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.

Затронутые продукты

openSUSE Leap 42.1:putty-0.67-9.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-2563.html
CVE-2016-2563
https://bugzilla.suse.com/981407
SUSE Bug 981407

openSUSE-SU-2016:1453-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-2563

Описание

Затронутые продукты

Ссылки