FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PuTTY -- Password vulnerability

Affected packages
0.59 <= putty < 0.62


VuXML ID bbd5f486-24f1-11e1-95bc-080027ef73ec
Discovery 2011-12-10
Entry 2011-12-12
Modified 2013-08-07

Simon Tatham reports:

PuTTY 0.62 fixes a security issue present in 0.59, 0.60 and 0.61. If you log in using SSH-2 keyboard-interactive authentication (which is the usual method used by modern servers to request a password), the password you type was accidentally kept in PuTTY's memory for the rest of its run, where it could be retrieved by other processes reading PuTTY's memory, or written out to swap files or crash dumps.


CVE Name CVE-2011-4607