CVE-2016-7407

The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file.
References
Link Resource
https://security.gentoo.org/glsa/201702-23 Patch Third Party Advisory VDB Entry
https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e Issue Tracking Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1376353 Issue Tracking
http://www.securityfocus.com/bid/92972 Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2016/09/15/2 Mailing List Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*

Information

Published : 2017-03-03 08:59

Updated : 2017-03-04 14:55


NVD link : CVE-2016-7407

Mitre link : CVE-2016-7407


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

dropbear_ssh_project

  • dropbear_ssh