Dropbear SSH Server Username Remote Format String
Critical Nessus Plugin ID 11821
SynopsisIt is possible to execute arbitrary code on the remote host.
DescriptionThe remote host is runnning Dropbear SSH.
There is a format string vulnerability in all versions of the Dropbear SSH server up to and including version 0.34. An attacker may use this flaw to execute arbitrary code on the remote host.
SolutionUpgrade to the latest version of the Dropbear SSH server.