vulnerability

FreeBSD: VID-60931f98-55a7-11e7-8514-589cfc0654e1 (CVE-2017-9079): Dropbear -- two vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:N/A:N)

Published

Jul 3, 2017

Added

Jul 4, 2017

Modified

Jun 15, 2026

Description

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.

Solution

freebsd-upgrade-package-dropbear

References

CVE-2017-9079
https://attackerkb.com/topics/CVE-2017-9079
CWE-732
EUVD-EUVD-2017-18018
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-18018

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report