Black Raven Dragoons

...because insanity just isn't crazy enough.

Skip to content

It is currently Fri Apr 19, 2024 5:22 pm

PuTTY vulnerability update

If you have something technology-related to share and don't feel like cluttering up General Chat, post it here. Anything is fair game and anything highly technical is preferred.
Post a reply

PuTTY vulnerability update

Postby Zancarius » Sun Nov 08, 2015 1:39 pm

http://www.chiark.greenend.org.uk/~sgta ... rflow.html

I know some of you probably use PuTTY. Posting this because it may be of interest.

In short, to become a victim of such an attack, you would need to connect to an a malicious server (or one controlled by an attacker) for this vulnerability to work. However, it's still a good idea to update.

I have no idea if this includes support for ECDSA or ED25519 keys. I'll check when I next boot over to Windows.

Related but not to PuTTY: If you're using public key authentication, you should also consider expiring or phasing out DSA keys due to recent vulnerabilities found in the DSA algorithm. If you're using RSA keys with a minimum strength of 2048, you should be okay. Neither ECDSA nor ED25519 are affected.
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Zancarius
Site Admin
 
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male
Top
Post a reply

Return to Technology Lounge

Who is online

Users browsing this forum: No registered users and 0 guests

GoonTheme, raven logo, logotype, and some content Copyright © 2006-2011 Black Raven Dragoons
Every other bit of content belongs to our members individually who may or may not disclaim copyright.
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

phpBB SEO
cron