Popular SSH client PuTTY had a serious key exchange vulnerability

The well-known SSH client PuTTY was recently found to have a critical bug and has received a series of security patches. Left unpatched, the bug could have allowed man-in-the-middle (MITM) attacks. The flaw, designated vuln-dss-verify, affects DSA signature verification and gives an attacker an opportunity to bypass signature checks. vuln-dss-verify was present only in PuTTY development builds produced in 2019. The bug was discovered by researcher Filipe Casal as part of the bug bounty programme run under the EU-FOSSA project. The vulnerable version of PuTTY accepted a fixed signature value, which allowed attackers to bypass signature checks easily.

All release versions of PuTTY, including 0.70, were unaffected by the bug; only development builds were exposed.

Only development snapshot builds dated before 2019-02-11 were affected, and an installation with no DSA host keys cached on the system was not affected either. Discussing the issue, Simon Tatham, the author of the free SSH client, wrote in his blog that "If PuTTY has any cached ssh-dss key for the server that the client is trying to connect to, the man-in-the-middle attacker can silently compromise the connection. If PuTTY has no DSA host key for the target server, and the server has a real DSA host key, the attacker can arrange that the host key confirmation dialog presented to the client user is the correct one and still compromise the connection if that key is accepted."
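The article describes a DSA verifier that could be talked into accepting a fixed signature value. The defensive property a correct verifier needs is the one FIPS 186-4 spells out: reject any (r, s) that is not strictly inside (0, q) before doing any arithmetic on it, so that degenerate values such as an all-zero signature never reach the inversion and exponentiation steps. The following toy signer and verifier are an added example written for this page; they are not PuTTY's code and make no claim about the exact mechanism of vuln-dss-verify. The parameters are deliberately tiny, generated by trial division, and the message hash is simply reduced mod q, so the code is for illustration only.

```python
"""Toy DSA sign/verify showing the (r, s) range check a safe verifier
must perform first. Constructed example: tiny parameters, not secure."""
import hashlib
import secrets


def _is_prime(n: int) -> bool:
    """Trial division; adequate for the small toy parameters used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True


def toy_parameters(q_min: int = 1_000_000):
    """Build (p, q, g): q prime, q divides p-1, g has order q mod p."""
    q = q_min | 1
    while not _is_prime(q):
        q += 2
    k = 2
    while not _is_prime(k * q + 1):
        k += 2  # k must stay even, otherwise k*q+1 is even
    p = k * q + 1
    h = 2
    while (g := pow(h, (p - 1) // q, p)) == 1:
        h += 1
    return p, q, g


def _hash_mod_q(message: bytes, q: int) -> int:
    # Real DSA takes the leftmost N bits of the digest; reducing mod q is a
    # simplification that keeps the toy parameters workable.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % q


def keygen(params):
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1  # private key in [1, q-1]
    y = pow(g, x, p)                  # public key
    return x, y


def sign(message: bytes, x: int, params):
    p, q, g = params
    hm = _hash_mod_q(message, q)
    while True:
        k = secrets.randbelow(q - 1) + 1
        r = pow(g, k, p) % q
        if r == 0:
            continue
        s = (pow(k, -1, q) * (hm + x * r)) % q
        if s != 0:
            return r, s


def verify(message: bytes, signature, y: int, params) -> bool:
    """FIPS 186-4 style verification. The range check on r and s comes
    first: anything outside (0, q) is rejected before s is inverted, so a
    degenerate signature such as (0, 0) never reaches the arithmetic."""
    p, q, g = params
    r, s = signature
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    hm = _hash_mod_q(message, q)
    u1 = (hm * w) % q
    u2 = (r * w) % q
    v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
    return v == r


if __name__ == "__main__":
    params = toy_parameters()
    x, y = keygen(params)
    msg = b"constructed test message"
    sig = sign(msg, x, params)
    print("genuine signature accepted:", verify(msg, sig, y, params))
    print("all-zero signature accepted:", verify(msg, (0, 0), y, params))
```

The ordering matters: `verify` returns early on any out-of-range value, so the inverse of `s` is only ever computed for a value that actually has one. A verifier that skips that check and proceeds straight to the arithmetic is relying on every later step to fail for malformed input, which is exactly the kind of assumption that turns a fixed signature into a bypass.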