PT-2004-3378 · Dropbear · Dropbear Ssh Server

Published

2004-12-31

Updated

2018-10-30

CVE-2004-2486

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Dropbear SSH Server versions prior to 0.43

Description: The issue concerns the DSS verification code in Dropbear SSH Server, where uninitialized variables are freed. This could potentially allow remote attackers to gain access.

Recommendations: For versions prior to 0.43, update to version 0.43 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2486

Affected Products

Dropbear Ssh Server

PT-2004-3378 · Dropbear · Dropbear Ssh Server

CVE-2004-2486

Related Identifiers

Affected Products

References · 13