Vulnerability Details : CVE-2005-0467
Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.
Vulnerability category: Execute code
Products affected by CVE-2005-0467
- cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-0467
1.96%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-0467
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-0467
-
http://secunia.com/advisories/17214
About Secunia Research | Flexera
-
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html
PuTTY vulnerability vuln-sftp-stringVendor Advisory
-
http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416
IBM notice: The page you requested cannot be displayed
-
http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414
IBM notice: The page you requested cannot be displayed
-
http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities
U.S. | Let There Be Change | AccenturePatch;Vendor Advisory
-
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html
PuTTY vulnerability vuln-sftp-readdirVendor Advisory
-
http://secunia.com/advisories/14333
About Secunia Research | FlexeraPatch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/19403
PuTTY "sftp_pkt_getstring" function buffer overflow CVE-2005-0467 Vulnerability Report
-
http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml
PuTTY: Remote code execution (GLSA 200502-28) — Gentoo securityPatch;Vendor Advisory
Jump to