Mageia: Security Advisory (MGASA-2017-0165)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-948-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 26 : dropbear (2017-a50319c820)

Security fixes for CVE-2017-9078 CVE-2017-9079 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Dropbear Symlink Local File Read Vulnerability (CVE-2017-9079)

Dropbear is prone to a local file read vulnerability via symlinks. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Fedora 25 : dropbear (2017-8e9bd58cbb)

Security fixes for CVE-2017-9078 CVE-2017-9079 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 24 : dropbear (2017-b22de5c767)

Security fixes for CVE-2017-9078 CVE-2017-9079 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora Update for dropbear FEDORA-2017-8e9bd58cbb

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for dropbear FEDORA-2017-b22de5c767

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3859-1 : dropbear - security update

Two vulnerabilities were found in Dropbear, a lightweight SSH2 server and client : - CVE-2017-9078 Mark Shepard discovered a double free in the TCP listener cleanup which could result in denial of service by an authenticated user if Dropbear is running with the '-a' option. - CVE-2017-9079 Jann...

[SECURITY] [DLA 948-1] dropbear security update

Package : dropbear Version : 2012.55-1.3+deb7u2 CVE ID : CVE-2017-9079 A vulnerability was found in Dropbear, a lightweight SSH2 server and client. CVE-2017-9079 Jann Horn discovered a local information leak in parsing the .authorizedkeys file. For Debian 7 "Wheezy", this problem has been fixed i...

[SECURITY] [DSA 3859-1] dropbear security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3859-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 19, 2017 https://www.debian.org/security/faq -...

CVE-2017-9079

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorizedkeys file format with a command= option. This occurs because /.ssh/authorizedkeys is read with root privileges and symlinks are followed...

ALPINE-CVE-2017-9079

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorizedkeys file format with a command= option. This occurs because /.ssh/authorizedkeys is read with root privileges and symlinks are followed...

CVE-2017-9079

Dropbear before 2017.75 may allow local users to read files as root when ~/.ssh/authorized_keys contains a command= option. The root privilege is involved because authorized_keys is read with root privileges and symlinks are followed. The underlying issue is that Dropbear parsed authorized_keys a...