Friendica Social Network

Search

Items tagged with: ssh

Every version of the PuTTY tools from 0.68 to 0.80 inclusive has a critical vulnerability in the code that generates signatures from ECDSA private keys. Tthe effect of the vulnerability is to compromise the private key https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html #infosec #security #ssh #opensource #linux #unix #windows

PuTTY vulnerability vuln-p521-bias

^{www.chiark.greenend.org.uk}

#infosec #security #linux #opensource #windows #unix #ssh

Please wait

View in context

Simon Tatham

2 weeks ago

Simon Tatham
2 weeks ago

We've released #PuTTY version 0.81. This is a SECURITY UPDATE, fixing a #vulnerability in ECDSA signing for #SSH.

If you've used a 521-bit ECDSA key (ecdsa-sha2-nistp521) with any previous version of PuTTY, consider it compromised! Generate a new key pair, and remove the old public key from authorized_keys files.

Other key types are not affected, even other sizes of ECDSA. In particular, Ed25519 is fine.

This vulnerability has id CVE-2024-31497. Full information is at https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html

PuTTY vulnerability vuln-p521-bias

^{www.chiark.greenend.org.uk}

#vulnerability #ssh #putty

Please wait

View in context

⇧

Search

Items tagged with: ssh

nixCraft 🐧

2 weeks ago

nixCraft 🐧
2 weeks ago

PuTTY vulnerability vuln-p521-bias

Simon Tatham

2 weeks ago

Simon Tatham
2 weeks ago

PuTTY vulnerability vuln-p521-bias

Search

Items tagged with: ssh

nixCraft 🐧 2 weeks ago

nixCraft 🐧 2 weeks ago

PuTTY vulnerability vuln-p521-bias

Simon Tatham 2 weeks ago

Simon Tatham 2 weeks ago

PuTTY vulnerability vuln-p521-bias

nixCraft 🐧

2 weeks ago

nixCraft 🐧
2 weeks ago

Simon Tatham

2 weeks ago

Simon Tatham
2 weeks ago