[Full-Disclosure] Re: [ GLSA 200408-04 ] PuTTY: Pre-authentication arbitrary code execution
From: harry (Rik.Bobbaerscc.kuleuven.ac.be)
Date: Fri Aug 06 2004 - 04:28:53 CDT
Sune Kloppenborg Jeppesen wrote:
> PuTTY contains a vulnerability allowing a malicious server to execute
> arbitrary code on the connecting client before host key verification.
> When connecting to a server using the SSH2 protocol an attacker is able
> to execute arbitrary code with the permissions of the user running
> PuTTY by sending specially crafted packets to the client during the
> authentication process but before host key verification.
does this mean that everyone on the network can execute arbitrary code
on the victim's machine by simply doing a man in the middle attack?
what other security issues are attached to this? is it only a
vulnerability if the server you're on is not trusted? (in that case, you
shouldn't even trust the ssh daemon and you shouldn't be there :))
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
Rik.Bobbaerscc.kuleuven.ac.be -=- http://harry.ulyssis.org