Full Disclosure

CVE-2016-3116 – Dropbear SSH xauth injection

March 14, 2016 007admin Leave a comment

Posted by INTREST SEC on Mar 14

Author: <github.com/tintinweb>
Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3116
Version: 0.2
Date: Mar 3rd, 2016

Tag: dropbearsshd xauth command injection may lead to forced-command bypass

Overview
——–

Name: dropbear
Vendor: Matt Johnston
References: * https://matt.ucc.asn.au/dropbear/dropbear.html [1]

Version: 2015.71
Latest Version: 2015.71
Other…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information