CVE-2013-4421

2013-10-26 01:55:03 2018-10-30 17:28:04

The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory consumption) via a compressed packet that has a large size when it is decompressed.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Advisory	Patch	Confirmed	Link
			https://matt.ucc.asn.au/dropbear/CHANGES
			62958
			[oss-security] 20131010 Re: CVE Request: dropbear sshd d...
			openSUSE-SU-2013:1696
			openSUSE-SU-2013:1616
			FEDORA-2013-18593
			FEDORA-2013-18606
			https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f
			https://support.citrix.com/article/CTX216642

CVE-2013-4421

2013-10-26 01:55:03 2018-10-30 17:28:04

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)