Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.DROPBEAR_SSH.NASL
HistoryAug 09, 2004 - 12:00 a.m.

Dropbear SSH Server DSS Verification Failure Remote Privilege Escalation

2004-08-0900:00:00
This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
www.tenable.com
35
JSON

The remote host is running Dropbear prior to version 0.43. There is a flaw in this version of Dropbear that could enable a remote attacker to gain control of the system from a remote location.

#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");

if (description) {
  script_id(14234);
  script_version("1.21");

  script_cve_id("CVE-2004-2486");
  script_bugtraq_id(10803);

  script_name(english:"Dropbear SSH Server DSS Verification Failure Remote Privilege Escalation");
 
 script_set_attribute(attribute:"synopsis", value:
"Arbitrary code may be run on the remote host." );
 script_set_attribute(attribute:"description", value:
"The remote host is running Dropbear prior to version 0.43.  
There is a flaw in this version of Dropbear that could
enable a remote attacker to gain control of the system
from a remote location." );
 script_set_attribute(attribute:"see_also", value:"http://matt.ucc.asn.au/dropbear/CHANGES" );
 script_set_attribute(attribute:"solution", value:
"Upgrade to at least version 0.43 of Dropbear." );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"plugin_publication_date", value: "2004/08/09");
 script_set_attribute(attribute:"vuln_publication_date", value: "2004/07/16");
 script_cvs_date("Date: 2018/07/10 14:27:33");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe",value:"cpe:/a:matt_johnston:dropbear_ssh_server");
script_end_attributes();

 
  script_summary(english:"Dropbear remote DSS SSH vuln check");
  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
  script_family(english:"Gain a shell remotely");
  script_require_ports("Services/ssh", 22);
  script_dependencie("ssh_detect.nasl");
  exit(0);
}



port = get_kb_item ("Services/ssh"); 
if (!port) port = 22;
if (!get_port_state (port)) exit (0);

banner = get_kb_item("SSH/banner/" + port );

if (! banner) exit(0);

# version 0.28 thru 0.42 are vulnerable
if (egrep(string:banner, pattern:"-dropbear_0\.(2[0-9]|3[0-9]|4[0-2])") )
	security_hole(port);
VendorProductVersionCPE
matt_johnstondropbear_ssh_servercpe:/a:matt_johnston:dropbear_ssh_server

Related

debiancve 1
cve 1
cvelist 1
openvas 1
securityvulns 1
cisco 1
debiancve
debiancve
CVE-2004-2486
2004-12-31 05:00:00
cve
cve
CVE-2004-2486
2004-12-31 05:00:00
cvelist
cvelist
CVE-2004-2486
2005-10-25 04:00:00
openvas
openvas
Dropbear SSH < 0.43 DSS Verification Code Vulnerability
2014-11-14 00:00:00
securityvulns
securityvulns
Cisco Security Advisory: Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities
2008-02-16 00:00:00
cisco
cisco
Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities
2008-02-13 16:00:00
JSON
Related for DROPBEAR_SSH.NASL
debiancve1cve1cvelist1openvas1securityvulns1cisco1