You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

66 lines
1.9 KiB

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200512-13">
<title>Dropbear: Privilege escalation</title>
<synopsis>
A buffer overflow in Dropbear could allow authenticated users to execute
arbitrary code as the root user.
</synopsis>
<product type="ebuild">dropbear</product>
<announced>2005-12-23</announced>
<revised count="01">2005-12-23</revised>
<bug>116006</bug>
<access>remote</access>
<affected>
<package name="net-misc/dropbear" auto="yes" arch="*">
<unaffected range="ge">0.47</unaffected>
<vulnerable range="lt">0.47</vulnerable>
</package>
</affected>
<background>
<p>
Dropbear is an SSH server and client with a small memory
footprint.
</p>
</background>
<description>
<p>
Under certain conditions Dropbear could fail to allocate a
sufficient amount of memory, possibly resulting in a buffer overflow.
</p>
</description>
<impact type="high">
<p>
By sending specially crafted data to the server, authenticated
users could exploit this vulnerability to execute arbitrary code with
the permissions of the SSH server user, which is the root user by
default.
</p>
</impact>
<workaround>
<p>
There is no known workaround at this time.
</p>
</workaround>
<resolution>
<p>
All Dropbear users should upgrade to the latest version:
</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=net-misc/dropbear-0.47"</code>
</resolution>
<references>
<uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4178">CVE-2005-4178</uri>
</references>
<metadata tag="requester" timestamp="2005-12-20T11:10:03Z">
koon
</metadata>
<metadata tag="submitter" timestamp="2005-12-20T16:40:12Z">
DerCorny
</metadata>
<metadata tag="bugReady" timestamp="2005-12-21T10:00:54Z">
DerCorny
</metadata>
</glsa>