PuTTY vulnerability discovered by SEARCH-LAB

SEARCH-LAB has recently discovered a vulnerability in PuTTY, one of the most popular SSH clients for Windows. While it would only allow malicious server operators to crash PuTTY clients, the vulnerability could have much more serious effects – even arbitrary code execution – in software building on PuTTY source code, such as WinSCP, a very popular file transfer application.

The vulnerability, caused by an integer overflow leading to heap overflow during the SSH handshake, affects all versions of PuTTY up to and including 0.62. Even though we have disclosed this vulnerability to the public only after it has been confirmed as fixed in the PuTTY code repository and WinSCP, it might take some time until all affected programs using PuTTY code apply the fix.