

I've been checking my home server for known vulnerabilities using Nessus. The server has certain services accessible through ports forwarded on my router, which runs OpenWRT Attitude Adjustment 12.09.1, and I stumbled upon a security issue related to the ancient Dropbear version present in Attitude Adjustment.

70545 (1) - Dropbear SSH Server < 2013.59 Multiple Vulnerabilities

The remote SSH service is affected by multiple vulnerabilities.

According to its self-reported banner, the version of Dropbear SSH running on this port is earlier than 2013.59. As such, it is potentially affected by multiple vulnerabilities:

A denial of service vulnerability caused by the way the 'buf_decompress()' function handles compressed files.

User enumeration is possible due to a timing error when authenticating users.

Upgrade to Dropbear SSH 2013.59 or later.

I would appreciate it if an updated version of the aforementioned package could be provided, so that the problem can be eliminated.

Description : Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding to inject commands to xauth. Tested on : Ubuntu 15.10 with Dropbear server v2015.71. Affected version(s) : All versions of Dropbear SSH prior to 2016.72 with X11Forwarding enabled.

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.

CVE - A flaw exists in dbclient when handling the -m or -c arguments in scripts. An unauthenticated, remote attacker can exploit this to execute arbitrary code.
