18 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-7408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted 1 -m or 2 -c argument. CVE-2016-7408 Note that Nessu...
Linux Distros Unpatched Vulnerability : CVE-2025-47203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used. CVE-2025-47203 Note that Nessus...
Updated dropbear packages fix security vulnerability
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...
DEBIAN-CVE-2025-47203
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...
UBUNTU-CVE-2025-47203
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...
CVE-2025-47203
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...
CVE-2025-47203
CVE-2025-47203 affects the Dropbear SSH package’s dbclient before version 2025.88. The vulnerability arises because a shell is used when processing the hostname argument, allowing an attacker to craft an untrusted hostname that can trigger command execution. Impact is described as arbitrary comma...
dropbear 安全漏洞
dropbear is an application by Matt Johnston Personal Developer. A security vulnerability exists in dropbear versions prior to 2025.88 that stems from an untrusted hostname parameter in the dbclient leading to command injection...
CVE-2025-47203
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...
SUSE CVE-2016-7408
The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted 1 -m or 2 -c argument...
Updated dropbear packages fix security vulnerability
Updated dropbear package fixes a security vulnerability in dbclient:. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measure...
CVE-2016-7408
The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted 1 -m or 2 -c argument...
Code injection
The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted 1 -m or 2 -c argument...
DEBIAN-CVE-2016-7408
The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted 1 -m or 2 -c argument...
Dropbear SSH Server < 2016.72 Multiple Vulnerabilities
According to its self-reported version in its banner, Dropbear SSH running on the remote host is prior to 2016.74. It is, therefore, affected by the following vulnerabilities : - A format string flaw exists due to improper handling of string format specifiers e.g., %s and %x in usernames and host...
MGASA-2016-0301 Updated dropbear packages fix security vulnerability
Message printout was vulnerable to format string injection. If specific usernames including "%" symbols can be created on a system validated by getpwnam then an attacker could run arbitrary code as root when connecting to Dropbear server. Also, a dbclient user who can control username or host...
openSUSE: Security Advisory for dropbear (openSUSE-SU-2016:1917-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2007-1099
dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote attackers to conduct man-in-the-middle attacks...