Home
|
FAQ
|
Feedback
|
Licence
|
Updates
|
Mirrors
|
Keys
|
Links
|
Team
Download:
Stable
·
Pre-release
·
Snapshot
|
Docs
|
Privacy
|
Changes
|
Wishlist
Up to and including version 0.70, the GTK front end to PuTTY's terminal emulator would fail an assertion in a corner case:
ESC # 6
to
make the whole line double-width, leaving an unusable odd character
cell at the end of the line
All the conditions for this failure can be triggered by remote terminal output. (Remote-controlled resizing of the terminal window can be turned off in the Features config panel, but it's on by default.) So, if a malicious process is able to write escape sequences to your terminal, then they can terminate your entire PuTTY session uncleanly, making it impossible for you to even recover any important information from your terminal scrollback.
As of 0.71, this assertion failure is fixed. PuTTY will cleanly handle this case by not trying to display anything that confuses it.
This vulnerability was found by Brian Carpenter, as part of a bug bounty programme run under the auspices of the EU-FOSSA project.
CVE ID CVE-2019-9897 has been assigned for the collection of terminal DoS attacks fixed in 0.71, including this, vuln-terminal-dos-combining-chars and vuln-terminal-dos-one-column-cjk.