[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] PoTTy (Obfuscated PuTTy) vulnerable to storm's DLL Hijacking Exploit

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] PoTTy (Obfuscated PuTTy) vulnerable to storm's DLL Hijacking Exploit
From: <dink@xxxxxxxxxxxxxxx>
Date: Fri, 27 Aug 2010 09:07:34 -0700

NAME: PoTTy v0.60
=================


VENDOR: Mr. Hinky Dink
======================

PoTTy, an Open Source, modified version of Simon Tatham's PuTTy (Windows
version, v0.60) for Bruce Leidl's Obfuscated-OpenSSH v5.2 server, has
been demonstrated vulnerable to the recent Windows DLL hijacking
exploit(s).


PROOF OF CONCEPT
================

See storm's (storm@xxxxxxxxxxxxxxxxxx) exploit code at
http://www.exploit-db.com/exploits/14796/


VENDOR RESPONSE
===============

WTF?  How do I fix this?


REMEDIATION
===========

Stop running Windows.


HISTORY
=======

08/27/2010 - Vendor notified
08/27/2010 - Vendor craps pance
08/27/2010 - Vendor decides any publicity is good publicity
08/27/2010 - Vendor publishes details


LINKS:
======

This Notice:
http://mrhinkydink.blogspot.com/2010/08/potty-dll-injection-vulnerability.html
Vendor Response: http://proxyobsession.net/?p=1097
PoTTy Download Page: http://www.mrhinkydink.com/potty.htm
Obfuscated-OpenSSH: http://github.com/brl/obfuscated-openssh

c. MMX Mr. Hinky Dink

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] DLL hijacking with Autorun on a USB drive
Next by Date: Re: [Full-disclosure] DLL hijacking with Autorun on a USB drive
Previous by thread: [Full-disclosure] [USN-979-1] okular vulnerability
Next by thread: [Full-disclosure] OpenDLP 0.2.2 VirtualBox VM released
Index(es):
- Date
- Thread