Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-0920
HistoryJun 05, 2012 - 12:00 a.m.

CVE-2012-0920

2012-06-0500:00:00
ubuntu.com
ubuntu.com
21

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.7%

JSON

Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54,
when command restriction and public key authentication are enabled, allows
remote authenticated users to execute arbitrary code and bypass command
restrictions via multiple crafted command requests, related to “channels
concurrency.”

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchdropbear< 0.52-4ubuntu0.10.04.1UNKNOWN
ubuntu11.04noarchdropbear< 0.52-5+squeeze1build0.11.04.1UNKNOWN
ubuntu11.10noarchdropbear< 0.53.1-1ubuntu1.1UNKNOWN
ubuntu12.04noarchdropbear< 2011.54-1ubuntu0.12.04.1UNKNOWN

Related

openvas 8
securityvulns 2
debiancve 1
nessus 5
debian 1
cve 1
freebsd 1
cvelist 1
prion 1
fedora 1
gentoo 1
oracle 1
openvas
openvas
Debian Security Advisory DSA 2456-1 (dropbear - use after free)
2013-09-18 00:00:00
Fedora Update for dropbear FEDORA-2012-10934
2012-07-30 00:00:00
FreeBSD Ports: dropbear
2012-03-12 00:00:00
securityvulns
securityvulns
Dropbear SSH server use-after-free
2012-03-19 00:00:00
Dropbear SSH server use-after-free vulnerability
2012-03-19 00:00:00
debiancve
debiancve
CVE-2012-0920
2012-06-05 22:55:00
nessus
nessus
FreeBSD : dropbear -- arbitrary code execution (eba70db4-6640-11e1-98af-00262d8b701d)
2012-03-05 00:00:00
Fedora 16 : dropbear-0.55-1.fc16 (2012-10934)
2012-07-30 00:00:00
GLSA-201309-20 : Dropbear: Multiple vulnerabilities
2013-09-27 00:00:00
debian
debian
[SECURITY] [DSA 2456-1] dropbear security update
2012-04-24 20:19:21
cve
cve
CVE-2012-0920
2012-06-05 22:55:00
freebsd
freebsd
dropbear -- arbitrary code execution
2012-02-22 00:00:00
cvelist
cvelist
CVE-2012-0920
2012-06-05 22:00:00
prion
prion
Design/Logic Flaw
2012-06-05 22:55:00
fedora
fedora
[SECURITY] Fedora 16 Update: dropbear-0.55-1.fc16
2012-07-29 00:52:56
gentoo
gentoo
Dropbear: Multiple vulnerabilities
2013-09-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2017
2017-04-18 00:00:00

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.7%

JSON
Related for UB:CVE-2012-0920
openvas8securityvulns2debiancve1nessus5debian1cve1freebsd1cvelist1prion1fedora1gentoo1oracle1