putty 0.56
2004-10-26 ANOTHER SECURITY HOLE, fixed in PuTTY 0.56
PuTTY 0.56, released today, fixes a serious security hole which can allow a
server to execute code of its choice on a PuTTY client connecting to it. In
SSH2, the attack can be performed before host key verification, meaning that
even if you trust the server you think you are connecting to, a different
machine could be impersonating it and could launch the attack before you
could tell the difference. We recommend everybody upgrade to 0.56 as soon as
possible.
That's two really bad holes in three months. I'd like to apologise to all our
users for the inconvenience.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
--
我剛剛才知道 QQ
--
◤ ╱ ‧. █ █ ◢█◣ ██◣ ███ ◢█◣
★ ●● ◥█◤ █▆▆ ▊▊█ █ █▆▆
▲▲ █ ▆▆◤ ▊▊█ ███ ▆▆◤
中山大學˙資管地下窩 ysmis.twbbs.org
Author:ERICJ From:ericj.CDPA.nsysu.edu.tw
FreeBSD 近期熱門文章
PTT數位生活區 即時熱門文章
