CVE-2016-3116
NONE EPSS 97.0%
Published Mar 22, 2016
Last Modified Jun 17, 2026
Description
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
Threat Intelligence
EPSS Exploit Probability
97.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Affected Products (1)
| Vendor | Product | Version | Range |
|---|---|---|---|
| dropbear_ssh_project | dropbear_ssh | * | ≤2015.71 |
References (10)
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179261.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179269.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179870.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-03/msg00105.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-03/msg00113.html
- packetstormsecurity.com http://packetstormsecurity.com/files/136251/Dropbear-SSHD-xauth-Command-Injection-Bypass.html
- seclists.org http://seclists.org/fulldisclosure/2016/Mar/47
- github.com https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115
- matt.ucc.asn.au https://matt.ucc.asn.au/dropbear/CHANGES
- security.gentoo.org https://security.gentoo.org/glsa/201607-08
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.