Summary
This host is installed with Dropbear SSH and is prone to multiple vulnerabilities.
Impact
The flaws allow remote attackers to cause a denial of service (connection slot exhaustion) and local attackers to execute arbitrary commands.
Solution
Updates are available.
Insight
The flaws are due to the following:
- It is possible to make a large number of connection attempts, exceeding the MAX_UNAUTH_CLIENTS defined value of 30.
- The shipped scp command of OpenSSH 4.2p1 expands filenames that contain shell metacharacters or spaces twice.
Affected
Versions prior to Dropbear SSH 0.48 are vulnerable.
Detection
Check the version.
References
Severity
Classification
CVE: CVE-2006-0225, CVE-2006-1206
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P