Vulnerability Details : CVE-2016-3116
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
Products affected by CVE-2016-3116
- cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-3116
2.84%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 90 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-3116
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:N |
8.0
|
4.9
|
NIST | |
6.4
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
3.1
|
2.7
|
NIST |
References for CVE-2016-3116
-
http://packetstormsecurity.com/files/136251/Dropbear-SSHD-xauth-Command-Injection-Bypass.html
Dropbear SSHD xauth Command Injection / Bypass ≈ Packet Storm
-
http://lists.opensuse.org/opensuse-updates/2016-03/msg00105.html
openSUSE-SU-2016:0874-1: moderate: Security update for dropbear
-
https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115
pub/pocs/cve-2016-3115 at master · tintinweb/pub · GitHub
-
https://security.gentoo.org/glsa/201607-08
Dropbear: Privilege escalation (GLSA 201607-08) — Gentoo security
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179870.html
[SECURITY] Fedora 24 Update: dropbear-2016.72-1.fc24
-
https://matt.ucc.asn.au/dropbear/CHANGES
-
http://lists.opensuse.org/opensuse-updates/2016-03/msg00113.html
openSUSE-SU-2016:0882-1: moderate: Security update for dropbear
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179269.html
[SECURITY] Fedora 22 Update: dropbear-2016.72-1.fc22
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179261.html
[SECURITY] Fedora 23 Update: dropbear-2016.72-1.fc23
-
http://seclists.org/fulldisclosure/2016/Mar/47
Full Disclosure: CVE-2016-3116 - Dropbear SSH xauth injection
Jump to