This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The remote host is affected by a remote code execution
According to its self-reported banner, the remote host is running a
version of Dropbear SSH before 2012.55. As such, it reportedly
contains a flaw that might allow an attacker to run arbitrary code on
the remote host with root privileges if they are authenticated using a
public key and command restriction is enforced.
Note that Nessus has not tried to exploit this vulnerability but
instead has relied solely on the version in the service's banner.
Note also, in cases where the host is running ESXi 4.0 or ESXi 4.1,
VMware states in their KB article id 2037316 that this is a false
positive since administrative access is required to log in via SSH so
there are no privileges to be gained by exploiting this issue. That
is true only in a default setup, not one in which SSH access has been
enabled for non-root users.
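
The banner-only check described above can be reproduced as follows. This is an added example, not the plugin's own code; the function names and sample banners are constructed for illustration, and the `dropbear_<version>` banner form is the one Dropbear uses in its SSH identification string.

```python
import re

# Fixed release named on this page; every self-reported version below it is flagged.
FIXED = (2012, 55)

# SSH identification string, e.g. "SSH-2.0-dropbear_2012.55".
# The version suffix is optional because some builds omit it.
BANNER_RE = re.compile(r"^SSH-\d+\.\d+-dropbear(?:_(\d+(?:\.\d+)*))?")


def classify_banner(banner):
    """Classify an SSH banner using only its self-reported version.

    Returns "not-dropbear", "unknown" (Dropbear without a version),
    "affected" (version before 2012.55) or "not-affected".
    """
    m = BANNER_RE.match(banner.strip())
    if m is None:
        return "not-dropbear"
    if m.group(1) is None:
        return "unknown"
    # Old "0.53.1" style and newer "YYYY.NN" style releases both order
    # correctly when compared as integer tuples.
    version = tuple(int(part) for part in m.group(1).split("."))
    return "affected" if version < FIXED else "not-affected"


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    samples = [
        "SSH-2.0-dropbear_0.52",
        "SSH-2.0-dropbear_0.53.1",
        "SSH-2.0-dropbear_2011.54",
        "SSH-2.0-dropbear_2012.55",
        "SSH-2.0-dropbear",
        "SSH-2.0-OpenSSH_5.9",
    ]
    for banner in samples:
        print(f"{banner:28} {classify_banner(banner)}")
```

Because the result depends only on the banner, a build that carries a backported fix under an older version string is still reported as affected, and a banner with no version cannot be decided either way.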
Upgrade to Dropbear SSH 2012.55 or later.
Risk factor :
High / CVSS Base Score : 7.1
CVSS Temporal Score : 6.2
Public Exploit Available : false
Nessus Plugin ID: 58183
Bugtraq ID: 52159
CVE ID: CVE-2012-0920