DescriptionHeap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
|National Vulnerability Database
SUSE Security Advisories:
List of released packages
|Fixed package version(s)
openSUSE Tumbleweed GA filezilla-220.127.116.11-1.1
SUSE Timeline for this CVECVE page created: Tue Aug 20 18:18:23 2013
CVE page last modified: Thu Dec 7 13:06:27 2023