VulnerableCode Package Details - pkg:alpm/archlinux/putty@0.75-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-1cuj-1bzv-aaad Aliases: CVE-2021-36367	PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).	0.76-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1cuj-1bzv-aaad
Aliases:
CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).

0.76-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-db4u-nxzr-aaan	PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons.	CVE-2021-33500

Vulnerability

Summary

Aliases

VCID-db4u-nxzr-aaan

PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons.

CVE-2021-33500

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:47:04.135000+00:00	Arch Linux Importer	Fixing	VCID-db4u-nxzr-aaan	https://security.archlinux.org/AVG-1978	36.0.0
2025-03-28T07:47:03.556973+00:00	Arch Linux Importer	Affected by	VCID-1cuj-1bzv-aaad	https://security.archlinux.org/AVG-2143	36.0.0
2024-11-28T14:52:42.737769+00:00	Arch Linux Importer	Affected by	VCID-1cuj-1bzv-aaad	https://security.archlinux.org/AVG-2143	35.0.0
2024-09-18T02:02:27.314310+00:00	Arch Linux Importer	Fixing	VCID-db4u-nxzr-aaan	https://security.archlinux.org/AVG-1978	34.0.1
2024-09-18T02:02:26.544880+00:00	Arch Linux Importer	Affected by	VCID-1cuj-1bzv-aaad	https://security.archlinux.org/AVG-2143	34.0.1
2024-01-03T22:28:28.305773+00:00	Arch Linux Importer	Fixing	VCID-db4u-nxzr-aaan	https://security.archlinux.org/AVG-1978	34.0.0rc1
2024-01-03T22:28:27.635135+00:00	Arch Linux Importer	Affected by	VCID-1cuj-1bzv-aaad	https://security.archlinux.org/AVG-2143	34.0.0rc1