CVE-2021-36367 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	Yes
Type	Content spoofing
Description	PuTTY before version 0.76 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2143	putty	0.75-1	0.76-1	Low	Fixed

Date	Advisory	Group	Package	Severity	Type
20 Jul 2021	ASA-202107-37	AVG-2143	putty	Low	content spoofing

References
https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=1dc5659aa62848f0aeb5de7bd3839fecc7debefa