New PuTTY Version Fixes Major Security Hole

Posted on Tuesday, August 17, 2004

If you use the excellent Windows SSH client PuTTY, make sure to go update to the latest version, 0.55, as soon as possible:

2004-08-03 SECURITY HOLE, fixed in PuTTY 0.55

PuTTY 0.55, released today, fixes a serious security hole which may allow a server to execute code of its choice on a PuTTY client connecting to it. In SSH2, the attack can be performed before host key verification, meaning that even if you trust the server you think you are connecting to, a different machine could be impersonating it and could launch the attack before you could tell the difference. We recommend everybody upgrade to 0.55 as soon as possible.


Sound Off, Loudmouth!

No comments yet. Why not leave one yourself?

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Recently on Just Well Mixed

Going Meta

Syndicate Me, Baby

Feed iconWeb feed

Share and Enjoy

Except where otherwise noted, all content on this site is provided under the terms of the Creative Commons Attribution-ShareAlike license.

As If You Didn't Know

Powered by WordPress, because why the hell not.

Obligatory Disclaimer

If you think anything I write here represents the opinions of anybody but myself, you need more help than I can give you. The opinions are all mine, folks. Nobody else's.

If that's too hard to understand... well, I'm sorry. There's only so much I can do. I'm not a therapist, and I'm not a miracle worker. I wish I could help you work through your delusional belief that I'm speaking for anyone else but myself. Honestly, I do. But in the end, that's a monkey you'll have to get off your back on your own. Sorry.