Mandriva Linux Security Advisory : dropbear (MDVSA-2013:261)
Medium Nessus Plugin ID 70680
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated dropbear package fixes security vulnerability :
Possible memory exhaustion denial of service due to the size of decompressed payloads in dropbear before 2013.59 (CVE-2013-4421).
Inconsistent delays in authorization failures could be used to disclose the existence of valid user accounts in dropbear before 2013.59 (CVE-2013-4434).
SolutionUpdate the affected dropbear package.