FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-0467

This CVE name corresponds to:

Entered Topic
2005-02-20 putty -- pscp/psftp heap corruption vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2005-0467
Phase Assigned(20050218)

Description

Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.

References

Source Reference
IDEFENSE 20050221 Multiple PuTTY SFTP Client Packet Parsing Integer Overflow Vulnerabilities
CONFIRM http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html
CONFIRM http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html
CONFIRM http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414
CONFIRM http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416
GENTOO GLSA-200502-28
SECUNIA 14333
SECUNIA 17214
XF putty-sftppktgetstring-bo(19403)