Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4434HistoryOct 25, 2013 - 11:55 p.m.
CVE-2013-4434
2013-10-2523:55:00
Debian Security Bug Tracker
security-tracker.debian.org
10
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.021 Low
EPSS
Percentile
89.1%
Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dropbear | < 2012.55-1.4 | dropbear_2012.55-1.4_all.deb |
| Debian | 11 | all | dropbear | < 2012.55-1.4 | dropbear_2012.55-1.4_all.deb |
| Debian | 10 | all | dropbear | < 2012.55-1.4 | dropbear_2012.55-1.4_all.deb |
| Debian | 999 | all | dropbear | < 2012.55-1.4 | dropbear_2012.55-1.4_all.deb |
| Debian | 13 | all | dropbear | < 2012.55-1.4 | dropbear_2012.55-1.4_all.deb |
Related
cve
cve
CVE-2013-4434
2013-10-25 23:55:00
prion
prion
Code injection
2013-10-25 23:55:00
ubuntucve
ubuntucve
CVE-2013-4434
2013-10-25 00:00:00
nessus
nessus
openSUSE Security Update : dropbear (openSUSE-SU-2013:1616-1)
2014-06-13 00:00:00
openSUSE Security Update : dropbear (openSUSE-SU-2013:1696-1)
2014-06-13 00:00:00
Dropbear SSH Server < 2013.59 Multiple Vulnerabilities
2013-10-22 00:00:00
freebsd
freebsd
dropbear -- exposure of sensitive information, DoS
2013-05-08 00:00:00
securityvulns
securityvulns
Dropbear SSH server timing attacks
2013-11-05 00:00:00
[ MDVSA-2013:261 ] dropbear
2013-11-05 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0318)
2022-01-28 00:00:00
Dropbear SSH < 2013.59 Multiple Security Vulnerabilities
2014-11-07 00:00:00
mageia
mageia
Updated dropbear packages fix CVE-2013-4421
2013-10-26 01:10:23
citrix
citrix
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.021 Low
EPSS
Percentile
89.1%
Related for DEBIANCVE:CVE-2013-4434