CVE Vulnerabilities

CVE-2007-1099

Published: Feb 26, 2007 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote attackers to conduct man-in-the-middle attacks.

Affected Software

Name Vendor Start Version End Version
Dropbear_ssh Dropbear_ssh_project * 0.49 (excluding)
Dropbear Ubuntu dapper *
Dropbear Ubuntu devel *
Dropbear Ubuntu edgy *
Dropbear Ubuntu feisty *
Dropbear Ubuntu gutsy *
Dropbear Ubuntu hardy *
Dropbear Ubuntu intrepid *
Dropbear Ubuntu jaunty *
Dropbear Ubuntu karmic *

References