CVE-2011-4607

EPSS 0.06%

Published: 8/23/2013Modified: 4/28/2026

Description

PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.

Affected packages (1)

Debian/puttyfrom 0, < 0.62-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-4607