Main Vulnerability Database Vulnerabilities #VU309

Format string error in Dropbear - #VU309

Published: August 13, 2016

Vulnerability identifier: #VU309

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-134

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Matt Johnston

Affected software:
Dropbear

Detailed vulnerability description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The vulnerability exists due to a format string error when handling usernames, containing format string characters (e.g. %) in getpwnam() function. A remote attacker with the ability to manipulate his username can execute arbitrary code on the target system.

Successful exploitation may allow an attacker to gain complete control over the vulnerable system.

Remediation

Update to the latest version 2016.74.

Sources

https://matt.ucc.asn.au/dropbear/CHANGES

Format string error in Dropbear - #VU309

Detailed vulnerability description

Remediation

Sources

Please verify you're human