The sshagentchannel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "putty-tools-dbgsym": "0.67-3build0.16.04.1", "pterm": "0.67-3build0.16.04.1", "putty-doc": "0.67-3build0.16.04.1", "putty-tools": "0.67-3build0.16.04.1", "putty": "0.67-3build0.16.04.1", "putty-dbgsym": "0.67-3build0.16.04.1", "pterm-dbgsym": "0.67-3build0.16.04.1" } ] }