CVE-2016-7406
https://notcve.org/view.php?id=CVE-2016-7406
Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument. Vulnerabilidad de formato de cadena en Dropbear SSH en versiones anteriores a 2016.74 permite a atacantes remotos ejecutar código arbitrario a través de especificadores de cadena de formato en el (1) nombre de usuario o (2) argumento de anfitrión. • http://www.openwall.com/lists/oss-security/2016/09/15/2 http://www.securityfocus.com/bid/92974 https://bugzilla.redhat.com/show_bug.cgi?id=1376353 https://secure.ucc.asn.au/hg/dropbear/rev/b66a483f3dcb https://security.gentoo.org/glsa/201702-23 • CWE-20: Improper Input Validation •
CVE-2016-3116 – DropBearSSHD 2015.71 - Command Injection
https://notcve.org/view.php?id=CVE-2016-3116
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data. Vulnerabilidad de inyección CRLF en Dropbear SSH en versiones anteriores a 2016.72 permite a usuarios remotos autenticados eludir las restricciones de comandos de shell previstas a través del redireccionamiento de datos X11 manipulados. Dropbear sshd versions 2015.71 and below suffer from a command injection vulnerability via xauth. An authenticated user may inject arbitrary xauth commands by sending an x11 channel request that includes a newline character in the x11 cookie. The newline acts as a command separator to the xauth binary. • https://www.exploit-db.com/exploits/40119 https://github.com/mxypoo/CVE-2016-3116-DropbearSSH http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179261.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179269.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179870.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00105.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00113.html http://packetstormsecurity.com/files/1362 •
CVE-2013-4434
https://notcve.org/view.php?id=CVE-2013-4434
Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames. Dropbear SSH Server anterior a 2013.59 genera mensajes de error durante un intento de inicio de sesión fallido con diferentes retardos de tiempo en función de si existe la cuenta de usuario, lo que permite a atacantes remotos para descubrir los nombres de usuario válidos. • http://lists.opensuse.org/opensuse-updates/2013-10/msg00061.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00046.html http://secunia.com/advisories/55173 http://www.openwall.com/lists/oss-security/2013/10/16/11 http://www.securityfocus.com/bid/62993 https://matt.ucc.asn.au/dropbear/CHANGES https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a https://support.citrix.com/article/CTX216642 • CWE-189: Numeric Errors •
CVE-2013-4421
https://notcve.org/view.php?id=CVE-2013-4421
The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory consumption) via a compressed packet that has a large size when it is decompressed. La función buf_decompress en packet.c en Dropbear SSH Server anterior a 2013.59 permite a atacantes remotos causar denegación de servicio (consumo de memoria) a través de un paquete de gran tamaño al ser descomprimido. • http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119300.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119323.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00061.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00046.html http://secunia.com/advisories/55173 http://www.openwall.com/lists/oss-security/2013/10/11/4 http://www.securityfocus.com/bid/62958 https://matt.ucc.asn.au/dropbear/CHANGES https://secure.ucc.a • CWE-189: Numeric Errors •
CVE-2007-1099
https://notcve.org/view.php?id=CVE-2007-1099
dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote attackers to conduct man-in-the-middle attacks. dbclient en el cliente SSH Dropbear en versiones anteriores a la 0.49 no previene/avisa suficientemente a los usuarios cuando detecta una discrepancia en el hostkey, lo que puede permite a usuarios remotos realizar ataques "hombre en el medio" (man-in-the-middle). • http://matt.ucc.asn.au/dropbear/CHANGES http://osvdb.org/33814 http://secunia.com/advisories/24345 http://www.osvdb.org/32088 http://www.securityfocus.com/bid/22761 http://www.vupen.com/english/advisories/2007/0785 https://exchange.xforce.ibmcloud.com/vulnerabilities/32762 •