An SSH-1 server could trigger an access to freed memory by sending the SSH1_MSG_DISCONNECT message.
Tag: PuTTY
ASA-2019-00551 – PuTTY: Malicious clipboard content injection in bracketed paste mode
In the PuTTY terminal, bracketed paste mode was broken in 0.72, in a way that made the pasted data look like manual keyboard input. So any application relying on the bracketing sequences to protect against malicious clipboard contents would have been misled.
ASA-2019-00550 – PuTTY: Hijacking sockets used for local port forwarding
On Windows, the listening sockets used for local port forwarding were opened in a mode that did not prevent other processes from also listening on the same ports and stealing some of the incoming connections.