Dropbear SSH < 2015.68.0 DoS

high Nessus Network Monitor Plugin ID 700026

Synopsis

The remote host is running an outdated SSH server that is vulnerable to a denial-of-service (DoS) attack.

Description

Dropbear is an SSH client and server application. Versions of the Dropbear SSH server prior to 2015.68.0 are potentially vulnerable to a NULL pointer dereference flaw that is triggered when handling SSH ECC keys. This may allow a remote attacker to cause the program to crash.

Solution

Update to Dropbear version 2015.68.0 or later.

See Also

http://matt.ucc.asn.au/dropbear/CHANGES

http://community.ubnt.com/t5/UniFi-Video-Blog/UniFi-Video-3-2-Release/ba-p/1517386

Plugin Details

Severity: High

ID: 700026

Family: SSH

Published: 3/28/2017

Updated: 3/6/2019

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:matt_johnston:dropbear_ssh_server

Patch Publication Date: 8/8/2015

Vulnerability Publication Date: 8/8/2015