Dropbear Ssh Project: >> Dropbear Ssh >> 2014.64 Security Vulnerabilities
The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -v argument, related to a failed remote ident.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-03-03
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
CVSS Score
6.4
EPSS Score
0.276
Published
2016-03-22
Page 2