PuTTY 0.84 is available and patches three security issues that could allow remote attackers to crash the client or to mislead users during insecure sessions.
The flaws are rated low severity but touch core components SSH key exchange and Telnet session handling so updating is recommended for anyone using PuTTY for remote access.
PuTTY 0.84 Update Patches
One fix addresses an elliptic-curve cryptography problem in ECDSA signature verification. Under a specific mathematical condition, signature verification could trigger an assertion failure and crash PuTTY, Openwall reported.
A man-in-the-middle attacker can exploit this by sending a crafted host key and signature during the initial connection. Because PuTTY verifies the signature before consulting the host-key cache, the crash can occur without any warning to the user.
This is a denial-of-service outcome (loss of the client session and any unsaved session state) rather than a code-execution issue. The flaw affects NIST curves P-256, P-384, and P-521; modern curves such as Ed25519 are not impacted.
A second fix corrects a double-free memory bug in PuTTY’s implementation of RSA key exchange (RSA KEX), a less commonly used KEX method.
If a malicious server supplies an intentionally malformed, unusually short RSA key during the handshake, the client can follow an error-handling path that triggers a double free and crash.
The bug exists in versions 0.72 through 0.83. Although current reports indicate the issue results in application crashes only, double frees are potentially hazardous.
Because, under particular conditions, they can lead to memory corruption that might be further abused. Telnet “trust sigil” not cleared after proxy auth
The third fix concerns the “trust sigil” indicator that PuTTY uses to show text that originated from the client rather than the server.
When users authenticate through a proxy in a Telnet session, the trust indicator could remain set and incorrectly mark subsequent server-sent text as trusted.
This flaw creates a spoofing risk: after proxy authentication, a malicious server could display a fake password prompt that appears trusted and trick users into divulging credentials. The issue requires Telnet, which is insecure by design, but it undermines PuTTY’s visual safety mechanism.
Mitigation
- Upgrade to PuTTY 0.84.
- Disable legacy and unused KEX methods (for example, RSA KEX) if not needed.
- Avoid Telnet; prefer SSH with modern curves like Ed25519.
- Monitor SSH connection failures and crashes as they may indicate probing or exploitation attempts.
No Comment! Be the first one.