Full Disclosure mailing list archives
Re: iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords
From: Michael Renzmann <security () dylanic de>
Date: Wed, 29 Jan 2003 19:25:22 +0100
Hi. iDEFENSE Labs wrote: [...]
PuTTY is a free implementation of Telnet and SSH for Win32 platforms, along with an xterm terminal emulator. More information is available at http://www.chiark.greenend.org.uk/~sgtatham/putty/.
[...]AFAIK WinSCP2 is a program that relies on the codebase of PuTTY. Has anyone information if WinSCP2 is also "vulnerable" to this?
Bye, Mike _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords iDEFENSE Labs (Jan 29)
- Re: iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords Michael Renzmann (Jan 29)
- <Possible follow-ups>
- Re: iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords auto68182 (Jan 30)
- RE: iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords David Endler (Jan 30)