PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Putty | Putty | 0.48 (including) | 0.48 (including) |
Putty | Putty | 0.49 (including) | 0.49 (including) |
Putty | Putty | 0.53 (including) | 0.53 (including) |
Putty | Putty | 0.53b (including) | 0.53b (including) |
Putty | Ubuntu | upstream | * |