PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-08-23T16:00:00Z

Updated: 2024-09-16T18:04:01.003Z

Reserved: 2011-11-29T00:00:00Z

Link: CVE-2011-4607

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-08-23T16:55:06.907

Modified: 2024-11-21T01:32:39.080

Link: CVE-2011-4607

cve-icon Redhat

No data.