Vulnerabilities > CVE-2004-2486 - Unspecified vulnerability in Dropbear SSH Project Dropbear SSH

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

nessus

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access.

Part	Description	Count
Application	Dropbear_Ssh_Project Dropbear SSH Project Dropbear SSH 0.28 Dropbear SSH Project Dropbear SSH 0.29 Dropbear SSH Project Dropbear SSH 0.30 Dropbear SSH Project Dropbear SSH 0.31 Dropbear SSH Project Dropbear SSH 0.32 Dropbear SSH Project Dropbear SSH 0.33 Dropbear SSH Project Dropbear SSH 0.34 Dropbear SSH Project Dropbear SSH 0.35 Dropbear SSH Project Dropbear SSH 0.36 Dropbear SSH Project Dropbear SSH 0.37 Dropbear SSH Project Dropbear SSH 0.38 Dropbear SSH Project Dropbear SSH 0.39 Dropbear SSH Project Dropbear SSH 0.40 Dropbear SSH Project Dropbear SSH 0.41 Dropbear SSH Project Dropbear SSH 0.42	15

NASL family	Gain a shell remotely
NASL id	DROPBEAR_SSH.NASL
description	The remote host is running Dropbear prior to version 0.43. There is a flaw in this version of Dropbear that could enable a remote attacker to gain control of the system from a remote location.
last seen	2020-06-01
modified	2020-06-02
plugin id	14234
published	2004-08-09
reporter	This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/14234
title	Dropbear SSH Server DSS Verification Failure Remote Privilege Escalation