CVE-2003-0048 Information

Description

PuTTY 0.53b and earlier does not clear logon credentials from memory including plaintext passwords which could allow attackers with access to memory to steal the SSH credentials.

Reference

http://marc.info/?l=bugtraq&m=104386492422014&w=2 http://www.idefense.com/advisory/01.28.03.txt http://www.securityfocus.com/bid/6724 http://www.securitytracker.com/id?1006014