Debian Security Advisory 3409-1

Debian Security Advisory 3409-1: Posted Dec 2, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3409-1 - A memory-corrupting integer overflow in the handling of the ECH (erase characters) control sequence was discovered in PuTTY's terminal emulator. A remote attacker can take advantage of this flaw to mount a denial of service or potentially to execute arbitrary code.; tags | advisory, remote, denial of service, overflow, arbitrary; systems | linux, debian; advisories | CVE-2015-5309; SHA-256 | 7d59ac8ea28d2ed74210302eddac180af86f65d5dd80870135bd13e7d638b399; Download | Favorite | View

Debian Security Advisory 3409-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3409-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
December 01, 2015                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : putty
CVE ID         : CVE-2015-5309

A memory-corrupting integer overflow in the handling of the ECH (erase
characters) control sequence was discovered in PuTTY's terminal
emulator. A remote attacker can take advantage of this flaw to mount a
denial of service or potentially to execute arbitrary code.

For the oldstable distribution (wheezy), this problem has been fixed
in version 0.62-9+deb7u3.

For the stable distribution (jessie), this problem has been fixed in
version 0.63-10+deb8u1.

For the testing distribution (stretch), this problem has been fixed
in version 0.66-1.

For the unstable distribution (sid), this problem has been fixed in
version 0.66-1.

We recommend that you upgrade your putty packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWXgVAAAoJEAVMuPMTQ89ExMoP/2nCjJVLuClDWHYbdQF4k0KB
d1pjGR4stMEODyawKxZm4DH374YTpcgPi+U+PBMFrZcJBMNQjOEwskKKYXq6utVF
9n/9it4d5OybtXu3BXvzGdyrPeP2vtfvPSNTKc45qbTxi+lSMWxRtZYdlX7jqF+w
c2FHq6AduWe+Hb0yCFyyC5C/lOGGp2ZTV8cCHq4FBxF0UjOzWb4FH4MJtDfCUr3C
j/KU8CRdqmhT9I2czQNQX/OZGzVLgTV91XxLXJZ/ycrSIB/rqayg5auAY8IKfG1N
ZOXPNaDIx7LPg+OkGjNUO7MfAs0MDIh8eY6ECD+L2lZpKHKCPYdkIbF9J0/XayAk
BpYjfKWdImd3TiXOXPBIRmNULxNoTfC6Y7fppM0zQ1Y0KxoZKlOJHM8wvdcfubK+
fcS+K3zE6SWvyOiLRW3GK+dqsJWDeUt7hdPzHhhothLlIb2TlVDrpKEYBEZ2FZms
Wys53kc9H83QIvRv3hdYu9cV4cvKQp+cxlfkvetnpSealTrPYuZNtayLKmqfobYR
C5/pa+x2gX4DKy4VTKqMHdDwzPnA2Wy+R/nw7Qj56TbIVEEnw0iT5QTB4HdOZmGm
liMBoNF4VHWjNkNtTtfozkmj8KWF7BwFt+0PpSv2P5SyW6ddUFMsN03gV4s+MHgf
ibT4S9zG7LQpVeA8LPzM
=ohmG
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

Debian Security Advisory 3409-1

Debian Security Advisory 3409-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3409-1

Share This

Debian Security Advisory 3409-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems