The popular SSH client PuTTY was found to have a critical bug that could allow man-in-the-middle (MITM) attacks. The flaw, designated vuln-dss-verify, primarily affects DSA signature checking and can give an attacker an opportunity to bypass signature checks. Apparently, vuln-dss-verify was present only in PuTTY’s development builds created in 2019.
The big picture
Why it matters - Simon Tatham, the creator of the free SSH client, shed light on how the bug could be disastrous.
“If PuTTY has any cached ssh-dss key for the server that the client is trying to connect to, the man-in-the-middle attacker can silently compromise the connection. If PuTTY has no DSA host key for the target server, and the server has a real DSA host key, the attacker can arrange that the host key confirmation dialog presented to the client user is the correct one and still compromise the connection if that key is accepted,” he wrote in a blog post.
Fixed in version 0.71
Tatham’s post also mentions that the flaw is fixed in the latest version of PuTTY, 0.71. This version also fixes other issues, such as buffer overflow errors observable on Windows and Unix operating systems.