mirror of
https://github.com/0xMarcio/cve.git
synced 2026-04-21 09:56:14 +02:00
0xMarcio
904 B
904 B
CVE-2017-6542
Description
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.
POC
Reference
- http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html
- https://www.exploit-db.com/exploits/42137/