Dropbear SSH Server, can it be upgraded?

45 Views
Last Post 29 May 2018

Wallace Karraker posted this 29 May 2018 - Last edited 29 May 2018

We have multiple clients that have stringent audit requirements. We perform Nessus scans across all networks, including the management networks of our two new Vtrak E5800 units and ancient Vtrak E610f system. Until recently we were able to mitigate many of the security violations by shutting down the webserver and running just e-mail and SSH services. Now we may need to shut down the SSH services to comply.

All three systems have the latest firmware installed for each system, they are now failing the following...

Dropbear SSH Server < 2016.72 Multiple Vulnerabilities

Synopsis

The SSH service running on the remote host is affected by multiple vulnerabilities.

Description

According to its self-reported version in its banner, Dropbear SSH running on the remote host is prior to 2016.74. It is, therefore, affected by the following vulnerabilities :

A format string flaw exists due to improper handling of string format specifiers (e.g., %s and %x) in usernames and host arguments. An unauthenticated, remote attacker can exploit this to execute arbitrary code with root privileges. (CVE-2016-7406)
A flaw exists in dropbearconvert due to improper handling of specially crafted OpenSSH key files. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-7407)
A flaw exists in dbclient when handling the -m or -c arguments in scripts. An unauthenticated, remote attacker can exploit this, via a specially crafted script, to execute arbitrary code. (CVE-2016-7408)
A flaw exists in dbclient or dropbear server if they are compiled with the DEBUG_TRACE option and then run using the -v switch. A local attacker can exploit this to disclose process memory. (CVE-2016-7409)

Dropbear SSH Server, can it be upgraded?

Search

Categories