CVE-2006-7162

Sažetak

PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804
http://secunia.com/advisories/24381

CVSS

Base:	1.9
Impact:	2.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

05-09-2008 - 21:16

Objavljeno

07-03-2007 - 21:19