Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-2456-1:BE1CF
HistoryApr 24, 2012 - 8:19 p.m.

[SECURITY] [DSA 2456-1] dropbear security update

2012-04-2420:19:21
lists.debian.org
16

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.7%

JSON

Debian Security Advisory DSA-2456-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
April 23, 2012 http://www.debian.org/security/faq

Package : dropbear
Vulnerability : use after free
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-0920

Danny Fullerton discovered a use-after-free in the Dropbear SSH daemon,
resulting in potential execution of arbitrary code. Exploitation is
limited to users, who have been authenticated through public key
authentication and for which command restrictions are in place.

For the stable distribution (squeeze), this problem has been fixed in
version 0.52-5+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in
version 2012.55-1.

For the unstable distribution (sid), this problem has been fixed in
version 2012.55-1.

We recommend that you upgrade your dropbear packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian6alldropbear< 0.52-5+squeeze1dropbear_0.52-5+squeeze1_all.deb

Related

openvas 8
securityvulns 2
debiancve 1
nessus 5
cvelist 1
ubuntucve 1
cve 1
freebsd 1
prion 1
fedora 1
gentoo 1
oracle 1
openvas
openvas
Debian Security Advisory DSA 2456-1 (dropbear - use after free)
2013-09-18 00:00:00
Fedora Update for dropbear FEDORA-2012-10934
2012-07-30 00:00:00
FreeBSD Ports: dropbear
2012-03-12 00:00:00
securityvulns
securityvulns
Dropbear SSH server use-after-free
2012-03-19 00:00:00
Dropbear SSH server use-after-free vulnerability
2012-03-19 00:00:00
debiancve
debiancve
CVE-2012-0920
2012-06-05 22:55:00
nessus
nessus
FreeBSD : dropbear -- arbitrary code execution (eba70db4-6640-11e1-98af-00262d8b701d)
2012-03-05 00:00:00
Debian DSA-2456-1 : dropbear - use after free
2012-04-25 00:00:00
Fedora 16 : dropbear-0.55-1.fc16 (2012-10934)
2012-07-30 00:00:00
cvelist
cvelist
CVE-2012-0920
2012-06-05 22:00:00
ubuntucve
ubuntucve
CVE-2012-0920
2012-06-05 00:00:00
cve
cve
CVE-2012-0920
2012-06-05 22:55:00
freebsd
freebsd
dropbear -- arbitrary code execution
2012-02-22 00:00:00
prion
prion
Design/Logic Flaw
2012-06-05 22:55:00
fedora
fedora
[SECURITY] Fedora 16 Update: dropbear-0.55-1.fc16
2012-07-29 00:52:56
gentoo
gentoo
Dropbear: Multiple vulnerabilities
2013-09-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2017
2017-04-18 00:00:00

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.7%

JSON
Related for DEBIAN:DSA-2456-1:BE1CF
openvas8securityvulns2debiancve1nessus5cvelist1ubuntucve1cve1freebsd1prion1fedora1gentoo1oracle1