6.5

CVE-2005-4178

EPSS 1.72%
Published 12.12.2005 21:03:00
Last modified 03.04.2025 01:03:51
Source security@debian.org
Teams watchlist Login
Open Login

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Dropbear Ssh Project ≫ Dropbear Ssh Version < 0.47

Debian ≫ Debian Linux Version3.0

Debian ≫ Debian Linux Version3.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.72%	0.816

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html

Patch

Vendor Advisory

http://matt.ucc.asn.au/dropbear/dropbear.html

Patch

Vendor Advisory

http://secunia.com/advisories/18108

Third Party Advisory

http://secunia.com/advisories/18109

Third Party Advisory

http://secunia.com/advisories/18142

Third Party Advisory

http://www.debian.org/security/2005/dsa-923

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml

Third Party Advisory

http://www.securityfocus.com/bid/15923/

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2005/2962

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2005-4178

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-4178

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-4178

EUVD