Date: Mon, 9 Nov 2015 08:06:55 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r401085 - head/security/vuxml Message-ID: <201511090806.tA986taL093486@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Mon Nov 9 08:06:55 2015 New Revision: 401085 URL: https://svnweb.freebsd.org/changeset/ports/401085 Log: Record PuTTY vuln' CVE-2015-5309 (Erase char handling). Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Mon Nov 9 07:46:26 2015 (r401084) +++ head/security/vuxml/vuln.xml Mon Nov 9 08:06:55 2015 (r401085) @@ -58,6 +58,46 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="0cb0afd9-86b8-11e5-bf60-080027ef73ec"> + <topic>PuTTY -- memory corruption in terminal emulator's erase character handling</topic> + <affects> + <package> + <name>putty</name> + <range><ge>0.54</ge><lt>0.66</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Ben Harris reports:</p> + <blockquote cite="http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html">; + <p>Versions of PuTTY and pterm between 0.54 and 0.65 inclusive have a + potentially memory-corrupting integer overflow in the handling of + the ECH (erase characters) control sequence in the terminal + emulator.</p> + <p>To exploit a vulnerability in the terminal emulator, an attacker + must be able to insert a carefully crafted escape sequence into the + terminal stream. For a PuTTY SSH session, this must be before + encryption, so the attacker likely needs access to the server you're + connecting to. For instance, an attacker on a multi-user machine + that you connect to could trick you into running cat on a file they + control containing a malicious escape sequence. (Unix write(1) is + not a vector for this, if implemented correctly.)</p> + <p>Only PuTTY, PuTTYtel, and pterm are affected; other PuTTY tools do + not include the terminal emulator, so cannot be exploited this + way.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html</url>; + <cvename>CVE-2015-5309</cvename> + </references> + <dates> + <discovery>2015-11-06</discovery> + <entry>2015-11-09</entry> + </dates> + </vuln> + <vuln vid="18b3c61b-83de-11e5-905b-ac9e174be3af"> <topic>OpenOffice 4.1.1 -- multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201511090806.tA986taL093486>