6.5

CVE-2005-4178

EPSS 1.72%
Veröffentlicht 12.12.2005 21:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle security@debian.org
CVE-Watchlists
Login
Unerledigt
Login

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dropbear Ssh Project ≫ Dropbear Ssh Version < 0.47

Debian ≫ Debian Linux Version3.0

Debian ≫ Debian Linux Version3.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.72%	0.816

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html

Patch

Vendor Advisory

http://matt.ucc.asn.au/dropbear/dropbear.html

Patch

Vendor Advisory

http://secunia.com/advisories/18108

Third Party Advisory

http://secunia.com/advisories/18109

Third Party Advisory

http://secunia.com/advisories/18142

Third Party Advisory

http://www.debian.org/security/2005/dsa-923

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml

Third Party Advisory

http://www.securityfocus.com/bid/15923/

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2005/2962

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2005-4178

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-4178

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-4178

EUVD