Lucene search

[email protected]CVE-2017-9078

HistoryMay 19, 2017 - 2:29 p.m.

CVE-2017-9078

2017-05-1914:29:00

CWE-415

[email protected]

web.nvd.nist.gov

168

cve-2017-9078

dropbear

server

post-authentication

remote code execution

double free

tcp listeners

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.2%

JSON

The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.

CPENameOperatorVersion
dropbear_ssh_project:dropbear_sshdropbear ssh project dropbear sshlt2017.75
debian:debian_linuxdebian debian linuxeq8.0
netapp:h410c_firmwarenetapp h410c firmwareeq-

CPE	Name	Operator	Version
dropbear_ssh_project:dropbear_ssh	dropbear ssh project dropbear ssh	lt	2017.75
debian:debian_linux	debian debian linux	eq	8.0
netapp:h410c_firmware	netapp h410c firmware	eq	-