CVE-2016-3116 in dropbear | CVE-2016-3116

Q: How to fix?

Upgrade Ubuntu:16.04 dropbear to version 2016-72-1 or higher.

Threat Intelligence

Mature

2.84% (91^st percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-UBUNTU1604-DROPBEAR-356288
published22 Mar 2016
disclosed22 Mar 2016

Report a new vulnerability Found a mistake?

Introduced: 22 Mar 2016

CVE-2016-3116 (opens in a new tab)

How to fix?

Upgrade Ubuntu:16.04 dropbear to version 2016-72-1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream dropbear package and not the dropbear package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.

References

http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3116
https://security-tracker.debian.org/tracker/CVE-2016-3116
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179261.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179269.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179870.html
https://security.gentoo.org/glsa/201607-08
https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115
http://packetstormsecurity.com/files/136251/Dropbear-SSHD-xauth-Command-Injection-Bypass.html
https://matt.ucc.asn.au/dropbear/CHANGES
http://lists.opensuse.org/opensuse-updates/2016-03/msg00105.html
http://lists.opensuse.org/opensuse-updates/2016-03/msg00113.html
http://seclists.org/fulldisclosure/2016/Mar/47
https://www.exploit-db.com/exploits/40119

CVE-2016-3116 Affecting dropbear package, versions <2016-72-1

Severity