CVE-2005-4178

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.

Published: Dec 12, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4178
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
dropbear_ssh_project / dropbear_ssh	-	0.47
debian / debian_linux	3.1	3.1.x
debian / debian_linux	3.0	3.0.x

http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html
http://matt.ucc.asn.au/dropbear/dropbear.html
http://secunia.com/advisories/18108
http://secunia.com/advisories/18109
http://secunia.com/advisories/18142
http://www.debian.org/security/2005/dsa-923
http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml
http://www.securityfocus.com/bid/15923/
http://www.vupen.com/english/advisories/2005/2962

Vulnerability Database

289,599

CVE-2005-4178