FreeBSD : PuTTY -- fails to scrub private keys from memory after use (92fc2e2b-c383-11e4-8ef7-080027ef73ec)

low Nessus Plugin ID 81659

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Simon Tatham reports :

When PuTTY has sensitive data in memory and has no further need for it, it should wipe the data out of its memory, in case malware later gains access to the PuTTY process or the memory is swapped out to disk or written into a crash dump file. An obvious example of this is the password typed during SSH login; other examples include obsolete session keys, public-key passphrases, and the private halves of public keys.

PuTTY 0.63 and earlier versions, after loading a private key from a disk file, mistakenly leak a memory buffer containing a copy of the private key, in the function ssh2_load_userkey. The companion function ssh2_save_userkey (only called by PuTTYgen) can also leak a copy, but only in the case where the file it tried to save to could not be created.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?474c3142

http://www.nessus.org/u?f43c292b

Plugin Details

Severity: Low

ID: 81659

File Name: freebsd_pkg_92fc2e2bc38311e48ef7080027ef73ec.nasl

Version: 1.6

Type: local

Published: 3/6/2015

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Low

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:putty, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 3/5/2015

Vulnerability Publication Date: 2/28/2015

Reference Information

CVE: CVE-2015-2157