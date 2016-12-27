Citrix: Securely Configuring IPMI/LOM on NetScaler
Dropbear SSH released a new version (2016.74) of the SSH server in July 2016, along with the fixes for four CVEs.
They are:
CVE-2016-7406 – Message printout is vulnerable to format string injection. If specific usernames including “%” symbols can be created on a system, an attacker could run arbitrary code as root when connecting to Dropbear server.
CVE-2016-7407 – Import of OpenSSH keys via dropbearconvert could run arbitrary code as the local dropbearconvert user when parsing malicious key files
CVE-2016-7408 – dbclient could run arbitrary code as the local dbclient user if particular -m or -c arguments are provided. This could be an issue where dbclient is used in scripts.
CVE-2016-7409 – dbclient or dropbear server could expose process memory to the running user if compiled with DEBUG_TRACE and running with -v
