04-05-2017 07:15 AM - edited 04-05-2017 07:16 AM
Our VVX310's are running Dropbear Vulnerabilities is there a way to disable SSH in our provisioning server? We are on firmware 188.8.131.5226
Thu Mar 23 10:16:53 2017
Thu Mar 23 10:17:24 2017
Results Details 22/tcp
93650 - Dropbear SSH Server < 2016.72 Multiple Vulnerabilities
The SSH service running on the remote host is affected by multiple vulnerabilities.
According to its self-reported version in its banner, Dropbear SSH running on the remote host is prior to 2016.74. It is, therefore, affected by the following vulnerabilities :
- A format string flaw exists due to improper handling of string format specifiers (e.g., %s and %x) in usernames and host arguments. An unauthenticated, remote attacker can exploit this to execute arbitrary code with root privileges. (CVE-2016-7406)
- A flaw exists in dropbearconvert due to improper handling of specially crafted OpenSSH key files. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-7407)
- A flaw exists in dbclient when handling the -m or -c arguments in scripts. An unauthenticated, remote attacker can exploit this, via a specially crafted script, to execute arbitrary code. (CVE-2016-7408)
- A flaw exists in dbclient or dropbear server if they are compiled with the DEBUG_TRACE option and then run using the -v switch. A local attacker can exploit this to disclose process memory. (CVE-2016-7409)
Upgrade to Dropbear SSH version 2016.74 or later.
CVSS v3.0 Base Score
CVSS v3.0 Temporal Score
CVSS Base Score
CVSS Temporal Score
Publication date: 2016/09/22, Modification date: 2016/12/06
Version source : SSH-2.0-dropbear_0.51
Installed version : 0.51
Fixed version : 2016.74
04-10-2017 04:06 AM
welcome back to the Polycom Community.
I believe we are already looking into this and will correct this in a future version.
Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.
Polycom Global Services