Main Vulnerability Database Vulnerabilities #VU309

#VU309 Format string error in Dropbear

Published: August 13, 2016

Vulnerability identifier: #VU309

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-134

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Dropbear

Software vendor:
Matt Johnston

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The vulnerability exists due to a format string error when handling usernames, containing format string characters (e.g. %) in getpwnam() function. A remote attacker with the ability to manipulate his username can execute arbitrary code on the target system.

Successful exploitation may allow an attacker to gain complete control over the vulnerable system.

Remediation

Update to the latest version 2016.74.

External links

https://matt.ucc.asn.au/dropbear/CHANGES