Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 801517 (CVE-2021-36367)

Summary: <net-misc/putty-0.76: malicious server prompt spoofing (CVE-2021-36367)
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: polynomial-c
Priority: Normal Flags: nattka: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://git.tartarus.org/?p=simon/putty.git;a=commit;h=1dc5659aa62848f0aeb5de7bd3839fecc7debefa
Whiteboard: B4 [noglsa]
Package list:
net-misc/putty-0.76
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-07-11 02:48:55 UTC
CVE-2021-36367:

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).
Comment 1 Larry the Git Cow gentoo-dev 2021-07-17 18:25:07 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fc1ef8f35eaf642458b997fe736f7a02dc7659c1

commit fc1ef8f35eaf642458b997fe736f7a02dc7659c1
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-07-17 18:23:06 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-07-17 18:25:01 +0000

    net-misc/putty: Security bump to version 0.76
    
    Bug: https://bugs.gentoo.org/801517
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-misc/putty/Manifest          |  1 +
 net-misc/putty/putty-0.76.ebuild | 95 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 96 insertions(+)
Comment 2 Agostino Sarubbo gentoo-dev 2021-07-18 06:33:32 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2021-07-18 06:34:32 UTC
sparc stable
Comment 4 Agostino Sarubbo gentoo-dev 2021-07-18 06:36:05 UTC
x86 stable
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-07-26 02:14:11 UTC
ppc done
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-07-26 04:36:50 UTC
ppc64 done

all arches done
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-07-26 06:10:38 UTC
Please cleanup, thanks!
Comment 8 Larry the Git Cow gentoo-dev 2021-07-26 06:59:39 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4c4567e7f8b564ed5da6a6b4da9fb443e4859a49

commit 4c4567e7f8b564ed5da6a6b4da9fb443e4859a49
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-07-26 06:59:12 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-07-26 06:59:32 +0000

    net-misc/putty: Security cleanup
    
    Bug: https://bugs.gentoo.org/801517
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-misc/putty/Manifest          |  1 -
 net-misc/putty/putty-0.75.ebuild | 95 ----------------------------------------
 2 files changed, 96 deletions(-)
Comment 9 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-09 21:18:26 UTC
Only exploitable via a malicious server - very low impact as users tend to trust the server they're connecting to. No GLSA. Sorry it took so long to get to this.