FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC


k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID: 60931f98-55a7-11e7-8514-589cfc0654e1
Description: Dropbear -- two vulnerabilities

Matt Johnston reports:

Fix double-free in server TCP listener cleanup. A double-free in the server could be triggered by an authenticated user if dropbear is running with -a (Allow connections to forwarded ports from any host). This could potentially allow arbitrary code execution as root by an authenticated user.

Fix information disclosure with ~/.ssh/authorized_keys symlink. Dropbear parsed authorized_keys as root, even if it were a symlink. The fix is to switch to user permissions when opening authorized_keys.


Discovery 2017-05-18
Entry 2017-07-03
dropbear
< 2017.75

https://matt.ucc.asn.au/dropbear/CHANGES
CVE-2017-9078
CVE-2017-9079
VuXML ID: 8c9b48d1-3715-11e3-a624-00262d8b701d
Description: dropbear -- exposure of sensitive information, DoS

The Dropbear project reports:

A weakness and a vulnerability have been reported in Dropbear SSH Server, which can be exploited by malicious people to disclose certain sensitive information and cause a DoS.


Discovery 2013-05-08
Entry 2013-10-17
dropbear
>= 2012.55, < 2013.59

62958
62993
CVE-2013-4421
CVE-2013-4434
http://secunia.com/advisories/55173
VuXML ID: 8eb78cdc-e9ec-11e5-85be-14dae9d210b8
Description: dropbear -- authorized_keys command= bypass

Matt Johnston reports:

Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions.


Discovery 2016-03-11
Entry 2016-03-14
dropbear
< 2016.72

https://matt.ucc.asn.au/dropbear/CHANGES
CVE-2016-3116
VuXML ID: bc19dcca-7b13-11e6-b99e-589cfc0654e1
Description: dropbear -- multiple vulnerabilities

Matt Johnston reports:

If specific usernames including "%" symbols can be created on a system (validated by getpwnam()) then an attacker could run arbitrary code as root when connecting to Dropbear server. A dbclient user who can control username or host arguments could potentially run arbitrary code as the dbclient user. This could be a problem if scripts or webpages pass untrusted input to the dbclient program.

dropbearconvert import of OpenSSH keys could run arbitrary code as the local dropbearconvert user when parsing malicious key files.

dbclient could run arbitrary code as the local dbclient user if particular -m or -c arguments are provided. This could be an issue where dbclient is used in scripts.

dbclient or dropbear server could expose process memory to the running user if compiled with DEBUG_TRACE and running with -v.


Discovery 2016-07-12
Entry 2016-09-15
dropbear
< 2016.74

http://www.openwall.com/lists/oss-security/2016/09/15/2
CVE-2016-7406
CVE-2016-7407
CVE-2016-7408
CVE-2016-7409