CVE-2007-1099

NONE EPSS 79.4%
Published Feb 26, 200719y ago · Modified Jun 16, 20262w ago
Find Similar
Published Feb 26, 2007 19y ago
Last Modified Jun 16, 2026 2w ago

Description

dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote attackers to conduct man-in-the-middle attacks.

Threat Intelligence

EPSS Exploit Probability
79.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 1

VendorProductVersionRange
dropbear_ssh_projectdropbear_ssh* <0.49

References 7

  • matt.ucc.asn.au http://matt.ucc.asn.au/dropbear/CHANGES
    Vendor Advisory
  • osvdb.org http://osvdb.org/33814
    Broken Link
  • secunia.com http://secunia.com/advisories/24345
    Third Party Advisory
  • osvdb.org http://www.osvdb.org/32088
    Broken Link
  • securityfocus.com http://www.securityfocus.com/bid/22761
    Third Party AdvisoryVDB Entry
  • vupen.com http://www.vupen.com/english/advisories/2007/0785
    Third Party Advisory
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/32762
    Third Party AdvisoryVDB Entry

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.