Unrated severityNVD Advisory· Published Dec 12, 2005· Updated Apr 16, 2026

CVE-2005-4178

Description

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.

Affected products

Dropbear Ssh Project/Dropbear SSH
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*
Range: <0.47
Debian/Debian Linux2 versions
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.htmlnvdPatchVendor Advisory
matt.ucc.asn.au/dropbear/dropbear.htmlnvdPatchVendor Advisory
secunia.com/advisories/18108nvdThird Party Advisory
secunia.com/advisories/18109nvdThird Party Advisory
secunia.com/advisories/18142nvdThird Party Advisory
www.debian.org/security/2005/dsa-923nvdThird Party Advisory
www.gentoo.org/security/en/glsa/glsa-200512-13.xmlnvdThird Party Advisory
www.securityfocus.com/bid/15923/nvdThird Party AdvisoryVDB Entry
www.vupen.com/english/advisories/2005/2962nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000