Latest Dropbear ssh project Vulnerabilities

● CVE-2023-48795

Prefix Truncation Attacks in SSH Specification (Terrapin Attack)

pip/paramiko>=2.5.0<3.4.0

go/golang.org/x/crypto<0.17.0

rust/russh<0.40.2

Apple macOS Sonoma<14.4

Openbsd Openssh<9.6

Putty Putty<0.80

and 128 more

● CVE-2021-36369

Dropbear Ssh Project Dropbear Ssh<=2020.81

Debian Debian Linux=10.0

● CVE-2020-36254

scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.

Dropbear Ssh Project Dropbear Ssh<2020.79

● CVE-2017-2659

It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly cou...

Dropbear Ssh Project Dropbear Ssh<2013.59

● CVE-2018-15599

The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages ...

Debian Debian Linux=8.0

Dropbear Ssh Project Dropbear Ssh<=2018.76

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.