Wissotsky

6y

Putty remote executuon vulnerability(no patch yet)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to unspecified input validation error when processing data, received from SSH server. A remote attacker can trick the victim to connect to a specially crafted SSH server and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

rant

administration

security

ssh

vulnerability

Ranter

Comments

6

JoshBent

25798

6y

source?
3

C0D4

69533

6y

Link please 📍
0

mrsulfat

300

6y

Sounds like a hard way to trick people who actually knows a little about computer. But how?
Who wouldn't be weirded out if the server had no login!
They could be spear phishing attacks, but how often do you receive shh info on your email?
1

Wissotsky

140

6y

Doesnt let me edit the rant

https://youtu.be/cQSPd82HsJs
1

Wissotsky

140

6y

@C0D4 https://youtu.be/cQSPd82HsJs
1

Wissotsky

140

6y

@JoshBent https://youtu.be/cQSPd82HsJs
0

JoshBent

25798

6y

so you would have to still connect to an unknown server for that to happen, it would be only problematic if you connect to unknown ssh servers or if some vps hosting gets hacked, though then you have much more problems, right?

Related Rants

devRant © 2021 Hexical Labs LLC
Privacy Policy | Terms of Service