The putty Wikipedia page has a citation on the most recent security vulnerability that was fixed in 0.62. Putty was caching the password in memory, and other local processes could potentially get a password that way.
Sometimes there is security in obscurity, and sometimes it's safer to be in the herd. -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of David Boyes Sent: Wednesday, March 06, 2013 2:45 PM To: [email protected] Subject: Re: Putty security > I have a security officer that has raised the issue regarding free [Putty] > software. That's unusually paranoid. What's his beef? Just that it's open source? > Has anyone encounterd security issues with Putty beyond the Release 0.60? > I am looking for documented problems. None in more than 100 customers. Ain't broke, don't fix it. > I am also interested in what I could use as a fee based product to replace > Putty. SSHTectia will sell you a commercial version of ssh which really doesn't do anything more than Putty does (other than have someone to sue). You could use RDP to connect to a Windows virtual desktop or Linux virtual desktop and use the included ssh (hope he doesn't know that that's open source too). I believe Hummingbird will sell you a version of their tools that are ssh-enabled. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ________________________________ The information contained in this e-mail message is intended only for the personal and confidential use of the designated recipient(s) named above. This message may be an attorney-client or work product communication which is privileged and confidential. It may also contain protected health information that is protected by federal law. If you have received this communication in error, please notify us immediately by telephone and destroy (shred) the original message and all attachments. Any review, dissemination, distribution or copying of this message by any person other than the intended recipient(s) or their authorized agents is strictly prohibited. Thank you. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
