Buffer Overflow Vulnerability in PuTTY's ssh_agent_channel_data Function

Buffer Overflow Vulnerability in PuTTY's ssh_agent_channel_data Function

CVE-2017-6542 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.

Learn more about our Web Application Penetration Testing UK.