CVE-2006-7162 — LOW (1.9) — White Hats Nepal

Q: How severe is CVE-2006-7162?

CVE-2006-7162 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-7162?

Check the references section above for vendor advisories and patch information. Affected products include: Putty Putty.

Vulnerability Description

PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.

CVSS Score

1.9

LOW

AV:L/AC:M/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Putty	Putty	<= 0.59

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804PatchVendor Advisory
http://secunia.com/advisories/24381Vendor Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804PatchVendor Advisory
http://secunia.com/advisories/24381Vendor Advisory

FAQ

What is CVE-2006-7162?

CVE-2006-7162 is a vulnerability with a CVSS score of 1.9 (LOW). PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive info...

How severe is CVE-2006-7162?

CVE-2006-7162 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-7162?

Check the references section above for vendor advisories and patch information. Affected products include: Putty Putty.