dropbear

2007-03-07

Page content

Author: voroskoi
Vulnerable: 0.48.1-2
Unaffected: 0.49-1siwenna1

A weakness has been reported in Dropbear, which can be exploited by malicious people to bypass certain security restrictions. The weakness is caused due to Dropbear not warning users sufficiently if a hostkey changed, which makes it easier for attackers to e.g. conduct man-in-the-middle attacks.

Bug Tracker URL: http://bugs.frugalware.org/task/1761

CVEs:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1099