CVE-2012-0920
high
CVSS v3
—
CVSS v2
7.1
VIR risk
7.1
Description
Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels concurrency."
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2012-0920
Vendor advisory: cve@mitre.org — https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
Vendor advisory: cve@mitre.org — http://matt.ucc.asn.au/dropbear/CHANGES
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 2012.55-1 |
| debian | bullseye | fixed | 2012.55-1 |
| debian | forky | fixed | 2012.55-1 |
| debian | sid | fixed | 2012.55-1 |
| debian | trixie | fixed | 2012.55-1 |
| debian | 6.0 | affected | |
| debian | 7.0 | affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| dropbear_ssh_project | dropbear_ssh | {"startIncluding":"0.52","endIncluding":"2012.54"} | |
References
- http://matt.ucc.asn.au/dropbear/CHANGES
- http://secunia.com/advisories/48147
- http://secunia.com/advisories/48929
- http://www.debian.org/security/2012/dsa-2456
- http://www.osvdb.org/79590
- http://www.securityfocus.com/bid/52159
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73444
- https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
- https://www.mantor.org/~northox/misc/CVE-2012-0920.html
- https://security-tracker.debian.org/tracker/CVE-2012-0920
CWEs
CWE-399
Verify integrity in audit chain (admin only). AS-IS.