9.3 High
AI Score
Confidence
High
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:S/C:C/I:C/A:C
0.01 Low
EPSS
Percentile
83.8%
Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to “channels concurrency.”
matt.ucc.asn.au/dropbear/CHANGES
secunia.com/advisories/48147
secunia.com/advisories/48929
www.debian.org/security/2012/dsa-2456
www.osvdb.org/79590
www.securityfocus.com/bid/52159
exchange.xforce.ibmcloud.com/vulnerabilities/73444
secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
www.mantor.org/~northox/misc/CVE-2012-0920.html