9.7 High
AI Score
Confidence
High
0.029 Low
EPSS
Percentile
90.8%
Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument.
www.openwall.com/lists/oss-security/2016/09/15/2
www.securityfocus.com/bid/92974
bugzilla.redhat.com/show_bug.cgi?id=1376353
secure.ucc.asn.au/hg/dropbear/rev/b66a483f3dcb
security.gentoo.org/glsa/201702-23