Vulnerability Details CVE-2005-4178
Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.8%
CVSS Severity
CVSS v2 Score 6.5
References
- http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html
- http://matt.ucc.asn.au/dropbear/dropbear.html
- http://secunia.com/advisories/18108
- http://secunia.com/advisories/18109
- http://secunia.com/advisories/18142
- http://www.debian.org/security/2005/dsa-923
- http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml
- http://www.securityfocus.com/bid/15923/
- http://www.vupen.com/english/advisories/2005/2962
- http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html
- http://matt.ucc.asn.au/dropbear/dropbear.html
- http://secunia.com/advisories/18108
- http://secunia.com/advisories/18109
- http://secunia.com/advisories/18142
- http://www.debian.org/security/2005/dsa-923
- http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml
- http://www.securityfocus.com/bid/15923/
- http://www.vupen.com/english/advisories/2005/2962
Products affected by CVE-2005-4178
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.28
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.29
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.30
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.31
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.32
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.33
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.34
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.35
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.36
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.37
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.38
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.39
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.40
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.41
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.42
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.43
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.44
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.45
-
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:0.46
-
cpe:2.3:o:debian:debian_linux:3.0
-
cpe:2.3:o:debian:debian_linux:3.1