| Description: | Summary:
TortoiseSVN < 1.14.6 contains a vulnerable version of Putty
Vulnerability Insight:
It was discovered that Putty 0.68 through 0.80 before 0.81,
which is included in TortoiseSVN, uses biased ECDSA nonce generation, which allows an
attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60
signatures. An adversary may already have enough signature information to compromise a victim's
private key, even if there is no further use of vulnerable PuTTY versions.
Vulnerability Impact:
This allows for full secret key recovery of NIST P-521 keys
after a malicious actor has seen roughly 60 valid ECDSA signatures generated by any PuTTY
component under the same key. Client signatures are transmitted within the secure channel of SSH,
requiring a malicious server to acquire such signatures. If the key has been used to sign
arbitrary data (e.g., git commits by forwarding Pageant to a development host), the publicly
available signatures (e.g., on GitHub) can be used as well.
All NIST P-521 client keys used with PuTTY must be considered compromised, given that the attack
can be carried out even after the root cause has been fixed in the source code (assuming that
~
60 pre-patch signatures are available to an adversary).
Affected Software/OS:
TortoiseSVN prior to version 1.14.7.
Solution:
Update to version 1.14.7 or later and revoke / re-create all
generated key material.
CVSS Score:
5.4
CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:N/A:N
|
