Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

KB wrote:

Which version of putty has newer code base, the stable v0.57 or the CVS snapshot on 2005-01-28? You must know the detail. If v0.57 includes everything in 2005-01-28 snapshot, it may be good to upgrade the ssh core asap.

0.57 is the same as 0.56, it just solves the security issue and few other bugs. 2005-01-28 includes much more changes (for example KEX panel).
KB

Thanks for confirming this, Martin. I'll update SRCF page about this.

Which version of putty has newer code base, the stable v0.57 or the CVS snapshot on 2005-01-28? You must know the detail. If v0.57 includes everything in 2005-01-28 snapshot, it may be good to upgrade the ssh core asap.

Thanks again
martin

Re: Cool down guys

I was away for week, that's why I'm replying so late. WinSCP does not share the SFTP code with Putty. So it is not vulnerable. Well at least not with the described vulnerability :-)
Guest_

After a bit search, I found the archive of the changelogs in this site,
https://winscp.net/eng/docs/history?rev=1108793832

It turns out the the SSH core is based on the development snapshot of Putty 2005-01-28 (since version 3.7.2). Does this mean version 3.7.4 is vulnerible?

Martin, would you please confirm? Sorry if I sound too aggresive. It just pity to exclude this nice product out of UCamSRCF-SSHTools. After all, we are indebt to you for your great contribution.

Thanks,
guest

I am the one who packages UCamSRCF-SSHTools (<invalid hyperlink removed by admin>). It is a package contains various Win32 SSH clients: putty/pscp/psftp, winscp, iXplorer.

I also look forward to an updated version of winscp to fix this vulneriability so I can re-packege UCamSRCf-SSHTools.

A couple of days ago (right before putty v0.57 was released) I checked the change history at https://winscp.net/eng/docs/history and I remember the version 3.7.4 uses the CVS putty. However, the about box still says it is based on putty v0.56. I am not sure if winscp v3.7.4 patches the hole or not.

PS: the change history was blanked yesterday. The page says:
history.txt · Last modified: 23 Feb 2005 23:32 by 64.107.94.21

Thanks
Guest

Here (<invalid hyperlink removed by admin>) is the official iDEFENSE advisory with some code details...
bob

is WinSCP ok? 2005-02-20 SECURITY HOLE, fixed in PuTTY 0.57

from https://www.chiark.greenend.org.uk/~sgtatham/putty/
2005-02-20 SECURITY HOLE, fixed in PuTTY 0.57

PuTTY 0.57, released today, fixes two security holes which can allow a malicious SFTP server to execute code of its choice on a PSCP or PSFTP client connecting to it. We recommend everybody upgrade to 0.57 as soon as possible.


https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html
PuTTY vulnerability vuln-sftp-readdir
summary: Vulnerability: crafted SFTP FXP_READDIR reply may allow remote code execution
present-in: 0.56
difficulty: fun: Just needs tuits, and not many of them.
class: vulnerability: This is a security vulnerability.
fixed-in: 0.57
priority: high: This should be fixed in the next release.


https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html
PuTTY vulnerability vuln-sftp-string
summary: Vulnerability: crafted SFTP string may allow remote code execution
present-in: 0.56
difficulty: fun: Just needs tuits, and not many of them.
class: vulnerability: This is a security vulnerability.
fixed-in: 0.57
priority: high: This should be fixed in the next release.


best bob