CVE-2005-4178
Severity Score
6.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-12-12 CVE Reserved
- 2005-12-12 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/18108 | Third Party Advisory | |
| http://secunia.com/advisories/18109 | Third Party Advisory | |
| http://secunia.com/advisories/18142 | Third Party Advisory | |
| http://www.securityfocus.com/bid/15923 | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2005/2962 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html | 2018-10-30 | |
| http://matt.ucc.asn.au/dropbear/dropbear.html | 2018-10-30 |
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2005/dsa-923 | 2018-10-30 | |
| http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml | 2018-10-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dropbear Ssh Project Search vendor "Dropbear Ssh Project" | Dropbear Ssh Search vendor "Dropbear Ssh Project" for product "Dropbear Ssh" | < 0.47 Search vendor "Dropbear Ssh Project" for product "Dropbear Ssh" and version " < 0.47" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 3.0 Search vendor "Debian" for product "Debian Linux" and version "3.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 3.1 Search vendor "Debian" for product "Debian Linux" and version "3.1" | - |
Affected
| ||||||