PuTTY 0.56, released today, fixes a serious security hole which can allow a server to execute code of its choice on a PuTTY client connecting to it. In SSH2, the attack can be performed before host key verification, meaning that even if you trust the server you think you are connecting to, a different machine could be impersonating it and could launch the attack before you could tell the difference. We recommend everybody upgrade to 0.56 as soon as possible.
That’s two really bad holes in three months. I’d like to apologise to all our users for the inconvenience.
These features are new in beta 0.56 (released 2004-10-26):
* Security fix: a vulnerability discovered by iDEFENSE, potentially allowing arbitrary code execution on the client by a malicious SSH2 server before host key verification, has been fixed.
* Ability to restart a session within an inactive window, via a new menu option.
* Minimal support for not running a shell or command at all in SSH protocol 2 (equivalent to OpenSSH’s “-N” option). PuTTY/Plink still provide a normal window for interaction, and have to be explicitly killed.
* Transparent support for CHAP cryptographic authentication in the SOCKS 5 proxy protocol. (Not in PuTTYtel.)
* More diagnostics in the Event Log, particularly of SSH port forwarding.
* Ability to request setting of environment variables in SSH (protocol 2 only). (However, we don’t know of any servers that support this.)
* Ability to send POSIX signals in SSH (protocol 2 only) via the “Special Commands” menu. (Again, we don’t know of any servers supporting this.)
* Bug fix: The PuTTY tools now more consistently support usernames containing “@” signs.
* Support for the Polish character set “Mazovia”.
* When logging is enabled, the log file is flushed more frequently, so that its contents can be viewed before it is closed.
* More flexibility in SSH packet logging: known passwords and session data can be omitted from the log file. Passwords are omitted by default. (This option isn’t perfect for removing sensitive details; you should still review log files before letting them out of your sight.)
* Unix-specific changes:
  o Ability to set environment variables in pterm.
  o PuTTY and pterm attempt to use a UTF-8 line character set by default if this is indicated by the locale; however, this can be overridden.
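The "@" bug fix above turns on one parsing decision: when a destination like user@host is given and the username itself contains "@" (as an e-mail-style login does), the client must split on the last "@" rather than the first, or it will try to connect to the wrong host with a truncated username. The following is an added example, not PuTTY's own code; it assumes the last "@" is the separator and treats an empty user or host as an error rather than silently accepting it.

```python
# Added example (not PuTTY's or Plink's own code): parsing a "[user@]host"
# destination when the username itself may contain "@". Assumption: the LAST
# "@" is the separator, so "alice@example.org@gateway" means the user
# "alice@example.org" on the host "gateway".
from typing import Optional, Tuple


def split_user_host(dest: str) -> Tuple[Optional[str], str]:
    """Return (user, host) for a destination string.

    user is None when no "@" is present. Raises ValueError for an empty
    host (trailing "@") or an empty username (leading "@"); both would
    otherwise be accepted and lead to a confusing connection attempt.
    """
    if not dest:
        raise ValueError("empty destination")
    if "@" not in dest:
        return None, dest
    # rpartition splits on the last "@", so any extra "@" signs stay in
    # the username instead of being mistaken for the host separator.
    user, _, host = dest.rpartition("@")
    if not host:
        raise ValueError(f"missing host in {dest!r}")
    if not user:
        raise ValueError(f"empty username in {dest!r}")
    return user, host


if __name__ == "__main__":
    # Constructed sample destinations; the third has an "@" inside the user.
    for sample in ("gateway", "alice@gateway", "alice@example.org@gateway"):
        print(sample, "->", split_user_host(sample))
```

Splitting on the first "@" (str.partition) would turn the third sample into user "alice" on host "example.org@gateway", which is exactly the inconsistency the release note describes.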