Another Serious Security Hole in PuTTY, Fixed 30
Markaci writes "You may recall recently upgrading PuTTY. There is a new version, released 2004-10-26, which fixes a very similar security hole. The bug can allow servers that you think you can trust to execute code on the PuTTY client, even before you verify the hosts key while connecting using SSH2. You can be attacked before you know that you have connected to the wrong machine. Upgrade to version 0.56 now."
Re:Amazing (Score:1, Informative)
Re:Latest version (Score:3, Informative)
If you don't believe me that its trojaned, scan it in any current antivirus software -- It submits your password via some custom protocol via the same port RealMedia uses. Nice try, script kiddie.