Dropbear SSH Server svr_ses.childpidsize Remote Overflow

high Nessus Plugin ID 34769

Synopsis

Authenticated users can gain elevated privileges.

Description

According to its banner, the remote host is runnning a version of Dropbear SSH before 0.47. Such versions contain a buffer allocation error that may allow an authenticated user to gain elevated privileges.

Solution

Upgrade to the Dropbear SSH 0.47 or later.

See Also

https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html

http://matt.ucc.asn.au/dropbear/CHANGES

Plugin Details

Severity: High

ID: 34769

File Name: dropbear_ssh_0_47.nasl

Version: 1.11

Type: remote

Family: Misc.

Published: 11/13/2008

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:matt_johnston:dropbear_ssh_server

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 12/11/2005

Reference Information

CVE: CVE-2005-4178

BID: 15923