Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-36369

An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.

Published

2022-10-12T21:15:09.493

Last Modified

2025-05-15T19:15:53.450

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-287
Type: Secondary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dropbear_ssh_project	dropbear_ssh	≤ 2020.81	Yes
Operating System	debian	debian_linux	10.0	Yes

References

https://github.com/mkj/dropbear/pull/128 Third Party Advisory ([email protected])
https://github.com/mkj/dropbear/releases Release Notes, Third Party Advisory ([email protected])
https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2022.82 Release Notes, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2022/11/msg00015.html Mailing List, Third Party Advisory ([email protected])
https://github.com/mkj/dropbear/pull/128 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/mkj/dropbear/releases Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2022.82 Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2022/11/msg00015.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)