Man-in-the-Middle (MitM) attack in putty (Alpine package)



Published: 2020-09-03
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2020-14002
CWE-ID CWE-300
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		putty (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Man-in-the-Middle (MitM) attack

EUVDB-ID: #VU29487

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-14002

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a Man-in-the-Middle (MitM) attack.

The vulnerability exists due to an observable discrepancy issue in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).

Mitigation

Install update from vendor's website.

Vulnerable software versions

putty (Alpine package): 0.68-r0 - 0.74-r0

External links

http://git.alpinelinux.org/aports/commit/?id=e4ccef76f09ac91c0e882a940613b51444d82a56


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###