7.5
CVE-2004-2486
- EPSS 3.03%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:09:44
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dropbear Ssh Project ≫ Dropbear Ssh Version < 0.43
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.03% | 0.858 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://matt.ucc.asn.au/dropbear/CHANGES
http://secunia.com/advisories/12153
http://secunia.com/advisories/28935
http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml
http://www.osvdb.org/8137
http://www.securityfocus.com/bid/10803
http://www.vupen.com/english/advisories/2008/0543
https://exchange.xforce.ibmcloud.com/vulnerabilities/16810
https://exchange.xforce.ibmcloud.com/vulnerabilities/40490