CVE-2005-4178
Published 2005-12-12
Priority P427 · medium · 6.5 · CVSS 2.0
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS: 3.44% (87.5th percentile)
Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | dropbear | < dropbear 0.47-1 (bookworm) | dropbear 0.47-1 (bookworm) |
| dropbear_ssh_project | dropbear_ssh | < 0.47 | 0.47 |
| dropbear_ssh_project | dropbear_ssh | >= 0 < 0.47-1 | 0.47-1 |
| dropbear_ssh_project | dropbear_ssh | >= 0 < 0.47-1 | 0.47-1 |
| dropbear_ssh_project | dropbear_ssh | >= 0 < 0.47-1 | 0.47-1 |
| dropbear_ssh_project | dropbear_ssh | >= 0 < 0.47-1 | 0.47-1 |
CVSS provenance
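| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| osv | — | 6.5 | MEDIUM | — |
| vendor_debian | — | 6.5 | HIGH | — |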
GHSA
GHSA-6483-gg6m-x7w8: Buffer overflow in Dropbear server before 0
ghsa_unreviewed·2022-05-01
CVE-2005-4178 [MEDIUM] GHSA-6483-gg6m-x7w8: Buffer overflow in Dropbear server before 0
OSV
CVE-2005-4178: Buffer overflow in Dropbear server before 0
osv·2005-12-12·CVSS 6.5
CVE-2005-4178 [MEDIUM] CVE-2005-4178: Buffer overflow in Dropbear server before 0
Debian
CVE-2005-4178: dropbear - Buffer overflow in Dropbear server before 0.47 allows authenticated users to exe...
vendor_debian·2005·CVSS 6.5
CVE-2005-4178 [MEDIUM] CVE-2005-4178: dropbear - Buffer overflow in Dropbear server before 0.47 allows authenticated users to exe...
Scope: local
bookworm: resolved (fixed in 0.47-1)
bullseye: resolved (fixed in 0.47-1)
forky: resolved (fixed in 0.47-1)
sid: resolved (fixed in 0.47-1)
trixie: resolved (fixed in 0.47-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html
http://matt.ucc.asn.au/dropbear/dropbear.html
http://secunia.com/advisories/18108
http://secunia.com/advisories/18109
http://secunia.com/advisories/18142
http://www.debian.org/security/2005/dsa-923
http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml
http://www.securityfocus.com/bid/15923/
http://www.vupen.com/english/advisories/2005/2962