Summary
This host is installed with Dropbear SSH client and is prone to a man-in-the-middle vulnerability.
Impact
This flaw might allow remote attackers to conduct
man-in-the-middle attacks.
Solution
Updates are available.
Insight
dbclient in Dropbear SSH client before 0.49 does
not sufficiently warn the user when it detects a hostkey mismatch.
Affected
Versions prior to Dropbear SSH 0.49 are vulnerable.
Detection
Check the version.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2007-1099 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)
- Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)
- Adobe Captivate Insecure Library Loading Vulnerability
- Adobe AIR Multiple Vulnerabilities(APSB14-22)-(Mac OS X)
- Adobe AIR Multiple Vulnerabilities-01 Sep14 (Mac OS X)