CVE-2016-3116

Published: Mar 22, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115

x_refsource_MISC

https://matt.ucc.asn.au/dropbear/CHANGES

x_refsource_CONFIRM

FEDORA-2016-40a657cee1

vendor-advisory

x_refsource_FEDORA

http://packetstormsecurity.com/files/136251/Dropbear-SSHD-xauth-Command-Injection-Bypass.html

x_refsource_MISC

FEDORA-2016-332491de28

vendor-advisory

x_refsource_FEDORA

20160314 CVE-2016-3116 - Dropbear SSH xauth injection

mailing-list

x_refsource_FULLDISC

FEDORA-2016-bc45faa824

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2016:0882

vendor-advisory

x_refsource_SUSE

GLSA-201607-08

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2016:0874

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-3116

Description

Affected Products

References