CVE-2005-4178

high

Description

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.

References

http://www.vupen.com/english/advisories/2005/2962

http://www.securityfocus.com/bid/15923/

http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml

http://www.debian.org/security/2005/dsa-923

http://secunia.com/advisories/18142

http://secunia.com/advisories/18109

http://secunia.com/advisories/18108

http://matt.ucc.asn.au/dropbear/dropbear.html

http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html

Details

Source: Mitre, NVD

Published: 2005-12-12

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High