Dropbear 0.48

Matt Johnston matt at ucc.asn.au
Fri Mar 10 14:10:28 WST 2006

Hi all.

I've put up Dropbear 0.48, which has a few fixes.

It fixes the denial of service attack reported by Pablo
Fernandez on bugtraq, which is actually a common problem
with various network services (inetd and OpenSSH both seem
"vulnerable").  Dropbear now has a per-IP pre-authentication
connection limit, which make it harder for someone to use
all the pre-auth connection slots.

I've also updated scp to the latest OpenSSH version, fixing
a security issue.



0.48 - Thurs 9 March 2006

- Check that the circular buffer is properly empty before
  closing a channel, which could cause truncated transfers
  (thanks to Tomas Vanek for helping track it down)

- Implement per-IP pre-authentication connection limits 
  (after some poking from Pablo Fernandez)

- Exit gracefully if trying to connect to as SSH v1 server 
  (reported by Rushi Lala)

- Only read /dev/random once at startup when in non-inetd mode

- Allow ctrl-c to close a dbclient password prompt (may
  still have to press enter on some platforms)

- Merged in uClinux patch for inetd mode

- Updated to scp from OpenSSH 4.3p2 - fixes a security issue
  where use of system() could cause users to execute arbitrary
  code through malformed filenames, ref CVE-2006-0225

More information about the Dropbear mailing list