Wissotsky

7y

Putty remote executuon vulnerability(no patch yet)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to unspecified input validation error when processing data, received from SSH server. A remote attacker can trick the victim to connect to a specially crafted SSH server and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

rant

administration

security

ssh

vulnerability

Ranter

Comments

6

JoshBent

25480

7y

source?
3

C0D4

68146

7y

Link please 📍
0

mrsulfat

295

7y

Sounds like a hard way to trick people who actually knows a little about computer. But how?
Who wouldn't be weirded out if the server had no login!
They could be spear phishing attacks, but how often do you receive shh info on your email?
1

Wissotsky

140

7y

Doesnt let me edit the rant

https://youtu.be/cQSPd82HsJs
1

Wissotsky

140

7y

@C0D4 https://youtu.be/cQSPd82HsJs
1

Wissotsky

140

7y

@JoshBent https://youtu.be/cQSPd82HsJs
0

JoshBent

25480

7y

so you would have to still connect to an unknown server for that to happen, it would be only problematic if you connect to unknown ssh servers or if some vps hosting gets hacked, though then you have much more problems, right?

Related Rants

devRant © 2021 Hexical Labs LLC
Privacy Policy | Terms of Service