Slashdot Mirror


Serious Security Hole In PuTTY

Tim 'gk^' Nilimaa writes "A serious security hole has been found in PuTY, version 0.54 and before. Simon Tatham and his fellows released PuTTY 0.55 on 2004-08-03 which solves this bug. The bug may allow servers to use PuTTY to act as a machine that you trust, even beforce you verify the hosts key while connecting using SSH2. An attack could be a fact before you know that you have connected to the wrong machine. I (and they) say: upgrade to PuTTY 0.55 - now."

1 of 72 comments (clear)

  1. Re:Clarification by whoisjoe · · Score: 5, Funny

    Actually, my client machine has been acting kind of weird lately. I think it's plotting against me, trying to turn my family and friends against...hey what are you do-OW!

    THERE IS NOTHING TO FEAR. ALL IS WELL. NOTHING TO SEE HERE. PLEASE KEEP MOVING.