CVE-2006-7162
EPSS 0.04%
Description
PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.
How to fix CVE-2006-7162
To remediate CVE-2006-7162, upgrade the affected package to a fixed version below.
- Debian/putty—upgrade to 0.59-1 or later
Is CVE-2006-7162 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.59-1