{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-12-11T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-12-20T10:00:00", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "18142", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18142"}, {"name": "15923", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/15923/"}, {"name": "[dropbear] 20051211 Dropbear 0.47 (and security fix)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html"}, {"name": "18109", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18109"}, {"name": "GLSA-200512-13", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml"}, {"name": "DSA-923", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2005/dsa-923"}, {"name": "18108", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18108"}, {"tags": ["x_refsource_MISC"], "url": "http://matt.ucc.asn.au/dropbear/dropbear.html"}, {"name": "ADV-2005-2962", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/2962"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2005-4178", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "18142", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18142"}, {"name": "15923", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15923/"}, {"name": "[dropbear] 20051211 Dropbear 0.47 (and security fix)", "refsource": "MLIST", "url": "http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html"}, {"name": "18109", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18109"}, {"name": "GLSA-200512-13", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml"}, {"name": "DSA-923", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-923"}, {"name": "18108", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18108"}, {"name": "http://matt.ucc.asn.au/dropbear/dropbear.html", "refsource": "MISC", "url": "http://matt.ucc.asn.au/dropbear/dropbear.html"}, {"name": "ADV-2005-2962", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2962"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:38:51.292Z"}, "title": "CVE Program Container", "references": [{"name": "18142", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18142"}, {"name": "15923", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/15923/"}, {"name": "[dropbear] 20051211 Dropbear 0.47 (and security fix)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html"}, {"name": "18109", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18109"}, {"name": "GLSA-200512-13", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml"}, {"name": "DSA-923", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2005/dsa-923"}, {"name": "18108", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18108"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://matt.ucc.asn.au/dropbear/dropbear.html"}, {"name": "ADV-2005-2962", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/2962"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2005-4178", "datePublished": "2005-12-12T21:00:00", "dateReserved": "2005-12-12T00:00:00", "dateUpdated": "2024-08-07T23:38:51.292Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*", "matchCriteriaId": "42FAEFDB-C7B0-40F2-B09F-5F4FE1605C17", "versionEndExcluding": "0.47", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations."}], "id": "CVE-2005-4178", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-12T21:03:00.000", "references": [{"source": "security@debian.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html"}, {"source": "security@debian.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://matt.ucc.asn.au/dropbear/dropbear.html"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/18108"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/18109"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/18142"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2005/dsa-923"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml"}, {"source": "security@debian.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/15923/"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2005/2962"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://matt.ucc.asn.au/dropbear/dropbear.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/18108"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/18109"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/18142"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2005/dsa-923"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/15923/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2005/2962"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}