dropbear: code execution
| Package(s): | dropbear | CVE #(s): | CVE-2012-0920 | ||||||||||||||||
| Created: | April 25, 2012 | Updated: | September 27, 2013 | ||||||||||||||||
| Description: | From the Debian advisory:
Danny Fullerton discovered a use-after-free in the Dropbear SSH daemon, resulting in potential execution of arbitrary code. Exploitation is limited to users, who have been authenticated through public key authentication and for which command restrictions are in place. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||