EUVD-2005-4173

Malware in sbrugna...

SUSE CVE-2013-4434

Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames...

SUSE CVE-2016-3116

CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data...

PT-2018-16943 · Auto Maskin +3 · Auto-Maskin Dcu-210E +3

Name of the Vulnerable Software and Affected Versions: Auto-Maskin DCU-210E RP-210E versions prior to 3.7 on ARMv7 Description: The firmware of the Auto-Maskin DCU 210E contains an undocumented Dropbear SSH server, version 2015.55, which listens on Port 22. This server is configured with a...

CVE-2017-9078

The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled...

DEBIAN-CVE-2016-7409

The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUGTRACE, allows local users to read process memory via the -v argument, related to a failed remote ident...

MGASA-2016-0301 Updated dropbear packages fix security vulnerability

Message printout was vulnerable to format string injection. If specific usernames including "%" symbols can be created on a system validated by getpwnam then an attacker could run arbitrary code as root when connecting to Dropbear server. Also, a dbclient user who can control username or host...

DEBIAN-CVE-2012-0920

Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels...

DEBIAN-CVE-2006-1206

Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service connection slot exhaustion via a large number of connection attempts that exceeds the MAXUNAUTHCLIENTS defined value...

CVE-2005-4178

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations...

DEBIAN-CVE-2005-4178

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations...

CVE-2005-4178

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations...

CVE-2005-4178

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations...

CVE-2005-4178

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations...

CVE-2005-4178

CVE-2005-4178 refers to a buffer overflow in Dropbear SSH server prior to 0.47. The vulnerability arises from a memory allocation issue caused by an incorrect order of operations in an input handling path, allowing an authenticated user to execute arbitrary code on the server with the server user...

CVE-2005-4178

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations...