NVD

Id
86203  
Name
CVE-2017-9079  
Description
Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.  
Reject
 
CVSS Version
2  
CVSS Score
4.7  
Severity
Medium  
CVSS Base Score
4.7  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:C/I:N/A:N)  
Pub Date
2017-05-27  
Published
2017-05-19  
Modified Date
2017-05-24  
Seq
2017-9079  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
419113 86203 CVE-2017-7191 97185  View
422906 86203 CVE-2017-0632 98221  View
422907 86203 CVE-2017-0632 https://source.android.com/security/bulletin/2017-05-01  View
422908 86203 CVE-2017-0632 98221  View
422909 86203 CVE-2017-0632 https://source.android.com/security/bulletin/2017-05-01  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
67820 JVNDB-2017-004109 Dropbear における認可・権限・アクセス制御に関する脆弱性 Dropbear には、認可・権限・アクセス制御に関する脆弱性が存在します。 CVE-2017-9079 0 CVE-2017-9079 86203 4.7 4.7 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004109.html 2017-05-18 2017-06-16 View