Update Solar-PuTTY because of SSH exploitable vulnerability called Terrapin?

A couple of days ago I noticed serious warnings about the SSH vulnerability, Terrapin (CVE-2023-48795)

It has been reported widely

https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/

https://www.helpnetsecurity.com/2023/12/19/ssh-vulnerability-cve-2023-48795/

PuTTY (which is the underlying app in Solar-PuTTY) has been updated https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terrapin.html

How do we incorporate this new secure version of PuTTY update into our current Solar-PuTTY?
If we cannot easily add the secure PuTTY to our Solar-PuTTY, when is the new secure Solar-PuTTY update expected?

-Kiggs

Find more posts tagged with

Security

CVE-2023-48795

update

ssh

client

solar-putty

terrapin

solarputty

vulnerability

Accepted answers

All comments

userunnown

Has anyone at SolarWinds addressed this? I like the tool, but not with the vulnerability.

kiggs

I asked them through two different forums and they sent me here.
I am hoping someone here knows who the developers are so this can be solved.
Its sad that it was SolarWinds who pointed us to this wonderful product and we love using it but when it gets a security vulnerability then all of a sudden there is no one to fix it.

bourlis

This vulnerability resides in NCM as well.