Gentoo update for Dropbear
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2018-0739 CVE-2018-12437 CVE-2018-20685 |
| CWE-ID | CWE-400 CWE-200 CWE-284 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Gentoo Linux Operating systems & Components / Operating system |
| Vendor | Gentoo |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Resource exhaustion
EUVDB-ID: #VU11294
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0739
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to excessive stack memory consumption. A remote attacker can cause the service to crash.
Update the affected packages.
net-misc/dropbear to version: 2020.80
Gentoo Linux: All versions
External linkshttp://security.gentoo.org/
http://security.gentoo.org/glsa/202007-53
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU13399
Risk: Low
CVSSv3.1: 5.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-12437
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists in the libtomcrypt library due to a leakage of information through memory caches when the library uses a private key to create Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. A local attacker can conduct a memory-cache side-channel attack and recover sensitive information, such ECDSA private keys, which could be used to conduct further attacks.
MitigationUpdate the affected packages.
net-misc/dropbear to version: 2020.80
Gentoo Linux: All versions
External linkshttp://security.gentoo.org/
http://security.gentoo.org/glsa/202007-53
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Security restrictions bypass
EUVDB-ID: #VU16946
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20685
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to improper validation of filenames by the scp.c source code file in the SCP client . A remote unauthenticated attacker can trick the victim into accessing a file with the filename of . or an empty filename from an attacker-controlled Secure Shell (SSH) server to bypass access restrictions on the system, which could be used to conduct further attacks.
MitigationUpdate the affected packages.
net-misc/dropbear to version: 2020.80
Gentoo Linux: All versions
External linkshttp://security.gentoo.org/
http://security.gentoo.org/glsa/202007-53
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
