Vulnerabilities > CVE-2005-4178
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
Vulnerable Configurations
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200512-13.NASL description The remote host is affected by the vulnerability described in GLSA-200512-13 (Dropbear: Privilege escalation) Under certain conditions Dropbear could fail to allocate a sufficient amount of memory, possibly resulting in a buffer overflow. Impact : By sending specially crafted data to the server, authenticated users could exploit this vulnerability to execute arbitrary code with the permissions of the SSH server user, which is the root user by default. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 20354 published 2005-12-30 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20354 title GLSA-200512-13 : Dropbear: Privilege escalation NASL family Debian Local Security Checks NASL id DEBIAN_DSA-923.NASL description A buffer overflow has been discovered in dropbear, a lightweight SSH2 server and client, that may allow authenticated users to execute arbitrary code as the server user (usually root). last seen 2020-06-01 modified 2020-06-02 plugin id 22789 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22789 title Debian DSA-923-1 : dropbear - buffer overflow NASL family Misc. NASL id DROPBEAR_SSH_0_47.NASL description According to its banner, the remote host is runnning a version of Dropbear SSH before 0.47. Such versions contain a buffer allocation error that may allow an authenticated user to gain elevated privileges. last seen 2020-06-01 modified 2020-06-02 plugin id 34769 published 2008-11-13 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34769 title Dropbear SSH Server svr_ses.childpidsize Remote Overflow
References
- http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html
- http://matt.ucc.asn.au/dropbear/dropbear.html
- http://secunia.com/advisories/18108
- http://secunia.com/advisories/18109
- http://secunia.com/advisories/18142
- http://www.debian.org/security/2005/dsa-923
- http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml
- http://www.securityfocus.com/bid/15923/
- http://www.vupen.com/english/advisories/2005/2962