Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
515
Views
0
Helpful
1
Replies

Security Assesment Violation

joeharb
Level 5
Level 5

‎09-13-2007 07:59 AM - edited ‎03-14-2019 11:31 PM

We have a customer that had a 3rd party Security Assesment done on thier network. One of the things that came about was the IP phones reported a Dropbear Authentication Flaw. This is CCM 5.1 installation, I have updated the load files on all the phones to SCCP41.8-3-2S and SCCP11.8-3-2S respectively...I don't know if this will resolve the issue or if it is even an issue. Has anyone come across this before.

Thanks,

Joe

Labels:
0 Helpful
1 Reply 1

michaelelowery
Level 1
Level 1

‎09-14-2007 03:39 AM

Looks to me like a false-positive based on this info:

04.30.13 - CVE: Not Available

Platform: Unix

Title: Dropbear SSH Server Authentication Bypass

Description: Dropbear SSH Server is a secure shell server. An authentication bypass issue exists in the software, which can allow malicious users to manipulate authentication credentials in order to take control of the process' execution flow. All current versions are affected.

Ref: http://matt.ucc.asn.au/dropbear/dropbear.html

0 Helpful
Customers Also Viewed These Support Documents