Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2005-0467 | First vendor Publication | 2005-02-21 |
Vendor | Cve | Last vendor Modification | 2017-07-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0467 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200502-28 (Putty) File : nvt/glsa_200502_28.nasl |
2008-09-04 | Name : FreeBSD Ports: putty File : nvt/freebsd_putty.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
14003 | PuTTY sftp_pkt_getstring() Function Remote Overflow A remote overflow exists in PuTTY. The 'sftp_pkt_getstring()' function fails to perform proper bounds checking resulting in an integer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity. |
14002 | PuTTY fxp_readdir_recv() Function Remote Overflow A remote overflow exists in PuTTY. The 'fxp_readdir_recv()' function fails to perform proper bounds checking resulting in an integer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a413ed94836e11d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200502-28.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:02:47 |
|
2021-04-22 01:03:00 |
|
2020-05-24 01:01:46 |
|
2020-05-23 01:36:30 |
|
2020-05-23 00:16:21 |
|
2019-03-22 12:01:19 |
|
2017-07-11 12:01:50 |
|
2016-04-26 13:17:57 |
|
2014-02-17 10:30:10 |
|
2013-05-11 11:21:34 |
|