Bug 833567 (CVE-2013-4852)

Summary: VUL-0: CVE-2013-4852: putty: Integer overflow results heap-based buffer overflow
Product: [Novell Products] SUSE Security Incidents Reporter: Matthias Weckbecker <mweckbecker>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P2 - High CC: Andreas.Stieger, jengelh, meissner, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 834202    

Description Matthias Weckbecker 2013-08-06 14:03:17 UTC
From [1]:

 "PuTTY versions 0.62 and earlier - as well as all software that
  integrates these versions of PuTTY - are vulnerable to an integer overflow
  leading to heap overflow during the SSH handshake before authentication,
  caused by improper bounds checking of the length parameter received from the
  SSH server.
  This allows  remote attackers to cause denial of service, and may have more
  severe impact on the operation of software that uses PuTTY code."

Fix available in the SVN [2].

[1] http://www.search-lab.hu/advisories/secadv-20130722
[2] http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896
Comment 1 Andreas Stieger 2013-08-06 19:25:18 UTC
Turns out I am not the maintainer, but here we go.. updated to 0.63 which was released just now:

SR to X11:Utilities https://build.opensuse.org/request/show/186142
MR for 12.3: https://build.opensuse.org/request/show/186144
Comment 2 Jan Engelhardt 2013-08-06 20:03:10 UTC
Not so fast.

MR for 12.3 is now 186147.
Comment 3 Bernhard Wiedemann 2013-08-06 21:00:07 UTC
This is an autogenerated message for OBS integration:
This bug (833567) was mentioned in
https://build.opensuse.org/request/show/186147 Maintenance /
Comment 4 Benjamin Brunner 2013-08-07 09:13:48 UTC
After this fixes an security-issue I changed the needinfo to our security-team.
Comment 5 Marcus Meissner 2013-08-12 13:05:32 UTC
update accepted, waiting in 7 day queue
Comment 6 Swamp Workflow Management 2013-08-19 13:04:19 UTC
openSUSE-SU-2013:1355-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 833567
CVE References: CVE-2013-4852
Sources used:
openSUSE 12.3 (src):    putty-0.63-2.4.1