Linux Distros Unpatched Vulnerability : CVE-2017-9078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -...

Dropbear Post-authentication root RCE Vulnerability (CVE-2017-9078)

Dropbear is prone to a post-authentication root remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Dropbear Information Disclosure Vulnerability

Dropbear is an open source small SSH server and client developed by software developer Matt Johnston , it can run on a variety of platforms based on POSIX Portable Operating System Interface . An information disclosure vulnerability exists in versions of Dropbear prior to 2017.75. A local attacke...

Format string

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorizedkeys file format with a command= option. This occurs because /.ssh/authorizedkeys is read with root privileges and symlinks are followed...

DEBIAN-CVE-2017-9078

The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled...

CVE-2017-9079

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorizedkeys file format with a command= option. This occurs because /.ssh/authorizedkeys is read with root privileges and symlinks are followed...