dropbear -- arbitrary code execution

ID EBA70DB4-6640-11E1-98AF-00262D8B701D
Type freebsd
Reporter FreeBSD
Modified 2012-02-22T00:00:00


The Dropbear project reports:

Dropbear SSH Server could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after- free error. If a command restriction is enforced, an attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.