| Max CVSS | 5.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-15599 | 5.0 |
The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in
|
30-12-2020 - 20:15 | 21-08-2018 - 01:29 | |
| CVE-2013-4434 | 5.0 |
Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames.
|
30-10-2018 - 16:28 | 25-10-2013 - 23:55 | |
| CVE-2013-4421 | 5.0 |
The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory consumption) via a compressed packet that has a large size when it is decompressed.
|
30-10-2018 - 16:28 | 25-10-2013 - 23:55 | |
| CVE-2016-3116 | 5.5 |
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data. <a href="https://cwe.mitre.org/data/definitions/93.html">CWE-93: Improper Neu
|
03-12-2016 - 03:26 | 22-03-2016 - 10:59 |