Filtered by vendor Dropbear Ssh Project
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9078 | 3 Debian, Dropbear Ssh Project, Netapp | 4 Debian Linux, Dropbear Ssh, H410c and 1 more | 2022-07-11 | 8.5 HIGH | 8.8 HIGH |
| The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled. | |||||
| CVE-2020-36254 | 1 Dropbear Ssh Project | 1 Dropbear Ssh | 2021-09-17 | 6.8 MEDIUM | 8.1 HIGH |
| scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685. | |||||
| CVE-2017-2659 | 1 Dropbear Ssh Project | 1 Dropbear Ssh | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts. | |||||
| CVE-2016-7408 | 1 Dropbear Ssh Project | 1 Dropbear Ssh | 2017-03-04 | 6.5 MEDIUM | 8.8 HIGH |
| The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted (1) -m or (2) -c argument. | |||||