Lucene search
K

151 matches found

Prion
Prion
added 2016/03/22 10:59 a.m.22 views

Crlf injection

CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data...

5.5CVSS6.8AI score0.37016EPSS
Exploits13References10Affected Software1
Cvelist
Cvelist
added 2016/03/22 10:0 a.m.28 views

CVE-2016-3116

CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data...

6AI score0.19302EPSS
Exploits4References10
CVE
CVE
added 2016/03/22 10:0 a.m.342 views

CVE-2016-3116

Dropbear SSH CVE-2016-3116 is a CRLF injection vulnerability in Dropbear prior to 2016.72 that allows remote authenticated users to bypass targeted shell-command restrictions via crafted X11 forwarding data. The CNVD entry (CNVD-2016-01816) mirrors this, stating the vulnerability exists in Dropbe...

6.4CVSS5.9AI score0.19302EPSS
Exploits4References10Affected Software1
Debian CVE
Debian CVE
added 2016/03/22 10:0 a.m.41 views

CVE-2016-3116

CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data...

6.4CVSS6.2AI score0.19302EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2016/03/18 12:0 a.m.1461 views

Dropbear SSH Server < 2016.72 xauth Command Injection

According to its self-reported version in the banner, the version of Dropbear SSH running on the remote host is prior to 2016.72. It is, therefore, affected by a command injection vulnerability when X11 Forwarding is enabled, due to improper sanitization of X11 authentication credentials. An...

6.4CVSS7AI score0.19302EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2014/11/19 12:0 a.m.21 views

Dropbear < 0.35 Username Remote Format String Buffer Overflow Vulnerability

Dropbear is prone to a username remote format string buffer overflow. SPDX-FileCopyrightText: 2014 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

7.2AI score
Exploits0References3
OpenVAS
OpenVAS
added 2014/11/14 12:0 a.m.46 views

Dropbear < 0.49 MitM Vulnerability

Dropbear is prone to a man-in-the-middle MitM vulnerability. SPDX-FileCopyrightText: 2014 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

7.5CVSS6.7AI score0.02103EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/11/14 12:0 a.m.41 views

Dropbear < 0.43 DSS Verification Code Vulnerability

Dropbear is prone to a DSS verification code vulnerability. SPDX-FileCopyrightText: 2014 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

7.5CVSS6.9AI score0.03028EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/11/14 12:0 a.m.130 views

Dropbear < 0.47 Buffer Overflow Vulnerability

Dropbear is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2014 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

6.5CVSS7AI score0.03441EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/11/14 12:0 a.m.1402 views

Dropbear < 0.48 Multiple Vulnerabilities

Dropbear is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

5CVSS7.7AI score0.11671EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2014/11/07 12:0 a.m.33 views

Dropbear 0.52 - 2011.54 UAF Vulnerability

Dropbear is prone to a use-after-free UAF vulnerability. SPDX-FileCopyrightText: 2014 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

7.1CVSS8.5AI score0.06489EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/11/07 12:0 a.m.198 views

Dropbear < 2013.59 Multiple Vulnerabilities

Dropbear is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...

5CVSS7.5AI score0.06424EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.75 views

Dropbear SSH <= 0.34 Remote Root Exploit

No description provided by source. / Linux x86 Dropbear SSH = 0.34 remote root exploit coded by live You'll need a hacked ssh client to try this out. I included a patch to openssh-3.6.p1 somewhere below this comment. The point is: the buffer being exploited is too small25 bytes to hold our...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Yoggie Pico and Pico Pro Backticks Remote Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24743/info Yoggie Pico and Pico Pro are prone to a remote code-execution vulnerability because the device fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary code wi...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2013/11/05 12:0 a.m.65 views

Dropbear SSH server timing attacks

Different timings for existent and nonexistent users...

5CVSS3.4AI score0.06424EPSS
Exploits0References1
OSV
OSV
added 2013/10/25 11:55 p.m.5 views

CVE-2013-4421

The bufdecompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service memory consumption via a compressed packet that has a large size when it is decompressed...

6.3AI score
Exploits0References12
NVD
NVD
added 2013/10/25 11:55 p.m.28 views

CVE-2013-4434

Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames...

5CVSS6.5AI score0.05749EPSS
Exploits0References8
OSV
OSV
added 2013/10/25 11:55 p.m.8 views

CVE-2013-4434

Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames...

6.4AI score
Exploits0References10
Prion
Prion
added 2013/10/25 11:55 p.m.26 views

Code injection

The bufdecompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service memory consumption via a compressed packet that has a large size when it is decompressed...

5CVSS6.9AI score0.06424EPSS
Exploits0References10Affected Software1
UbuntuCve
UbuntuCve
added 2013/10/25 11:55 p.m.34 views

CVE-2013-4434

Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames...

5CVSS5.9AI score0.05749EPSS
Exploits0References1
Rows per page
Query Builder