Bug 993031 (CVE-2013-4206, CVE-2013-4207, CVE-2013-4208, CVE-2013-4852)

Summary: CVE-2013-4206 CVE-2013-4207 CVE-2013-4208 CVE-2013-4852 putty: Integer overflow, leading to heap-based buffer overflow during SSH handshake
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: drizt, f802095, fedora, jrusnack, jskarvad, kwizart, tremble
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=moderate,public=20130715,reported=20130805,source=mageia,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,fedora-all/putty=affected,epel-all/putty=affected,fedora-all/filezilla=affected,epel-6/filezilla=affected,cwe=CWE-190->CWE-120
Fixed In Version: putty 0.6.3, filezilla 3.7.3 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-02 14:40:07 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 993033, 993034, 993346, 993347    
Bug Blocks:    

Description Jan Lieskovsky 2013-08-05 08:59:34 EDT
An integer overflow, leading to heap-based buffer overflow flaw was found in the way DSS and RSA implementation of PuTTY, a SSH, telnet, and rlogin client, used to process certain SSH handshake messages. A rogue SSH server could issue a specially-crafted SSH handshake message that, when processed in PuTTY client would lead to client crash or, potentially, arbitrary code execution with the privileges of the user running the client.

References:
[1] http://www.search-lab.hu/advisories/secadv-20130722

Upstream bug report:
[2] http://winscp.net/tracker/show_bug.cgi?id=1017

Relevant patch:
[3] http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896

Other references:
[4] https://bugs.mageia.org/show_bug.cgi?id=10925
[5] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779
Comment 1 Jan Lieskovsky 2013-08-05 09:01:43 EDT
This issue affects the (latest) versions of the putty package, as shipped with Fedora release of 18, 19, Fedora EPEL-5, and Fedora EPEL-6. Please schedule an update.
Comment 2 Jan Lieskovsky 2013-08-05 09:02:41 EDT
Created putty tracking bugs for this issue:

Affects: fedora-all [bug 993033]
Affects: epel-all [bug 993034]
Comment 3 Kurt Seifried 2013-08-05 16:24:34 EDT
Salvatore Bonaccorso <carnil@debian.org> reports:

Package: filezilla
Severity: grave
Tags: security patch upstream

Hi,

the following vulnerability was published for putty, but filezilla
embedds putty source:

CVE-2013-4852[0]:
PuTTY SSH handshake heap overflow

See the advisory [1] for details referring to putty commit [2].
AFAICS filezilla embedding putty in vulnerable version is used in
build for fzsftp. See [3] for the corresponding bugreport for putty
itself.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] http://security-tracker.debian.org/tracker/CVE-2013-4852
[1] http://www.search-lab.hu/advisories/secadv-20130722
[2] http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9896
[3] http://bugs.debian.org/718779

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718800
Comment 4 Kurt Seifried 2013-08-05 16:27:13 EDT
Created filezilla tracking bugs for this issue:

Affects: fedora-all [bug 993346]
Affects: epel-6 [bug 993347]
Comment 5 Vincent Danen 2013-08-06 15:43:45 EDT
This is fixed in FileZilla 3.7.2:

http://svn.filezilla-project.org/filezilla?revision=5158&view=revision

Putty 0.6.3 was also released to fix this flaw.
Comment 6 Vincent Danen 2013-08-06 15:48:17 EDT
This flaw is documented here:

http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-signature-stringlen.html

However, there are three other flaws without CVE names:

* a heap-corrupting buffer underrun bug in the modmul function which performs modular multiplication:
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html
http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9977

* A buffer overflow vulnerability in the calculation of modular inverses when verifying a DSA signature:
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-division-by-zero.html
http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9996

* Private keys left in memory after being used by PuTTY tools:
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped.html
http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9988

These three issues do not, as far as I know yet, have CVE names.
Comment 7 Vincent Danen 2013-08-07 14:48:11 EDT
> * a heap-corrupting buffer underrun bug in the modmul function which
> performs modular multiplication:
> http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-modmul.html
> http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9977

CVE-2013-4206
 
> * A buffer overflow vulnerability in the calculation of modular inverses
> when verifying a DSA signature:
> http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-bignum-
> division-by-zero.html
> http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9996

CVE-2013-4207
 
> * Private keys left in memory after being used by PuTTY tools:
> http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-
> wiped.html
> http://svn.tartarus.org/sgt?view=revision&sortby=date&revision=9988

CVE-2013-4208

Assigned as per:

http://www.openwall.com/lists/oss-security/2013/08/06/13
Comment 8 Vincent Danen 2013-08-09 10:05:45 EDT
FileZilla 3.7.3 was released which corrects the other three putty flaws.
Comment 9 Richard W.M. Jones 2013-08-09 16:31:02 EDT
*** Bug 995610 has been marked as a duplicate of this bug. ***
Comment 10 Fedora Update System 2013-08-17 20:39:32 EDT
filezilla-3.7.3-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Fedora Update System 2013-08-20 20:00:57 EDT
putty-0.63-1.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 12 Fedora Update System 2013-08-20 20:12:35 EDT
putty-0.63-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 13 Fedora Update System 2013-09-29 14:14:21 EDT
filezilla-3.7.3-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 14 Fedora Update System 2013-09-29 20:48:17 EDT
filezilla-3.7.3-1.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.