CVE-2003-0048

Sažetak

PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.

Reference

http://marc.info/?l=bugtraq&m=104386492422014&w=2
http://www.idefense.com/advisory/01.28.03.txt
http://www.securityfocus.com/bid/6724
http://www.securitytracker.com/id?1006014

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

18-10-2016 - 02:28

Objavljeno

19-02-2003 - 05:00