First published: Mon Dec 12 2005(Updated: )
Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
Credit: security@debian.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dropbear SSH | <0.47 | |
Debian GNU/Linux | =3.1 | |
Debian GNU/Linux | =3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2005-4178 is considered critical due to the potential for remote code execution by authenticated users.
To fix CVE-2005-4178, upgrade to Dropbear SSH version 0.47 or later.
CVE-2005-4178 affects Dropbear SSH versions prior to 0.47 and Debian Linux versions 3.0 and 3.1.
CVE-2005-4178 is categorized as a buffer overflow vulnerability.
If your server is running an affected version of Dropbear SSH or Debian Linux, it is at risk from CVE-2005-4178.