Security Assesment Violation

Unanswered Question
Sep 13th, 2007

We have a customer that had a 3rd party Security Assesment done on thier network. One of the things that came about was the IP phones reported a Dropbear Authentication Flaw. This is CCM 5.1 installation, I have updated the load files on all the phones to SCCP41.8-3-2S and SCCP11.8-3-2S respectively...I don't know if this will resolve the issue or if it is even an issue. Has anyone come across this before.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
michaelelowery Fri, 09/14/2007 - 03:39

Looks to me like a false-positive based on this info:

04.30.13 - CVE: Not Available

Platform: Unix

Title: Dropbear SSH Server Authentication Bypass

Description: Dropbear SSH Server is a secure shell server. An authentication bypass issue exists in the software, which can allow malicious users to manipulate authentication credentials in order to take control of the process' execution flow. All current versions are affected.



This Discussion