CVEs-PoC/2004/CVE-2004-1008.md at ef21a24366f7bbc1220842143b6857a7549ce607

mirror of https://github.com/0xMarcio/cve.git synced 2026-03-20 01:14:02 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.

POC

Reference

http://marc.info/?l=bugtraq&m=109889312917613&w=2
http://www.chiark.greenend.org.uk/~sgtatham/putty/

Github

https://github.com/kaleShashi/PuTTY
https://github.com/pbr94/PuTTy-

792 B Raw Blame History

CVE-2004-1008

Description

POC

Reference

Github

792 B

Raw Blame History