Defcesco

**Name of the Vulnerable Software and Affected Versions** KiTTY versions 0.76.1.13 and before **Description** The issue is a stack-based buffer overflow that occurs via the hostname due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, leading to arbitrary code execution. **Recommendations** For KiTTY versions 0.76.1.13 and before, consider disabling the use of hostnames until a patch is available to prevent exploitation of the stack-based buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** KiTTY versions 0.76.1.13 and before **Description** The issue is a stack-based buffer overflow that occurs due to insufficient bounds checking and input sanitization via the `username`. This allows an attacker to overwrite adjacent memory, leading to arbitrary code execution. The vulnerability is located at line 2600. **Recommendations** For KiTTY versions 0.76.1.13 and before, as a temporary workaround, consider restricting the input for the `username` variable to prevent exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: KiTTY versions 0.76.1.13 and before Description: The issue is related to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls. This allows an attacker to add inputs inside the `filename` variable, leading to arbitrary code execution. The vulnerability occurs due to the lack of proper data cleaning at the management level. Recommendations: For KiTTY versions 0.76.1.13 and before, consider disabling the use of the `filename` variable until a patch is available to prevent command injection attacks. Restrict access to the system calls at lines 2369-2390 to minimize the risk of exploitation. Avoid using special characters in the `filename` variable to reduce the risk of arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.