Serious Security Hole In PuTTY 72
Tim 'gk^' Nilimaa writes "A serious security hole has been found in PuTY, version 0.54 and before. Simon Tatham and his fellows released PuTTY 0.55 on 2004-08-03 which solves this bug. The bug may allow servers to use PuTTY to act as a machine that you trust, even beforce you verify the hosts key while connecting using SSH2. An attack could be a fact before you know that you have connected to the wrong machine. I (and they) say: upgrade to PuTTY 0.55 - now."
PuTTY tip (Score:1, Interesting)
What I want to know... (Score:2, Interesting)
Why not front page? (Score:4, Interesting)
Keep up the good work Rob. Hey, where are the 503's today? It hardly seems like the dot without them.
Yeah, yeah, -1, flamebait -1 troll. Who gives a crap? Not Rob or OSDTNVHPR
Re:Nice response time (Score:4, Interesting)
so its always assuring that the devs have a quick turn around on fixes (especially with free software), that kind of dedication is appreciated
Not meaning to be nasty to the putty team, but theres no verifiable date of discovery of this bug, and the last release was 2003. This bug could have been known to the team 6 months ago, and only fixed now :).
Re:Seriously though (Score:3, Interesting)