A vulnerability in the recv_msg_userauth_request function of Dropbear could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.
The vulnerability exists in the recv_msg_userauth_request function, defined in the svr-auth.c source code file of the affected software. It arises because the function handles the fields of SSH_MSG_USERAUTH messages differently depending on whether the supplied username is valid. An attacker could exploit this vulnerability by sending an authentication request packet to the targeted system. A successful exploit could allow the attacker to access sensitive information, such as valid usernames.
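The following is an added example, not Dropbear's code and not part of the advisory: a simplified C model of this defect class, with a flawed handler beside one that treats every request uniformly, and a regression check that flags any handler whose reply to identical message fields depends on the username. The field layout, the account name alice, the sample byte strings and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of the defect class; NOT Dropbear source. All names,
 * the field layout and the account "alice" are assumptions. */
enum reply { REPLY_FAILURE, REPLY_DISCONNECT };
struct auth_req { const char *user; const unsigned char *fields; size_t len; };
typedef enum reply (*handler_fn)(const struct auth_req *);

/* Constructed samples: 1 flag byte, 4-byte big-endian length, payload. */
static const unsigned char SAMPLE_OK[]  = {0, 0, 0, 0, 2, 'p', 'w'};
static const unsigned char SAMPLE_BAD[] = {0, 0, 0, 0, 9, 'p'}; /* length lies */

static int user_exists(const char *u) { return strcmp(u, "alice") == 0; }

static int fields_well_formed(const unsigned char *p, size_t n) {
    if (n < 5) return 0;
    size_t want = ((size_t)p[1] << 24) | ((size_t)p[2] << 16)
                | ((size_t)p[3] << 8) | (size_t)p[4];
    return want == n - 5;
}

/* Flawed: fields are examined only once the username is known to exist,
 * so a parse error can occur for valid accounts only. */
enum reply handle_flawed(const struct auth_req *r) {
    if (!user_exists(r->user)) return REPLY_FAILURE;
    if (!fields_well_formed(r->fields, r->len)) return REPLY_DISCONNECT;
    return REPLY_FAILURE; /* credential check omitted; model always rejects */
}

/* Uniform: every request is parsed the same way before validity is used. */
enum reply handle_uniform(const struct auth_req *r) {
    if (!fields_well_formed(r->fields, r->len)) return REPLY_DISCONNECT;
    if (!user_exists(r->user)) return REPLY_FAILURE;
    return REPLY_FAILURE; /* credential check omitted; model always rejects */
}

/* Regression check: 1 if the reply to identical fields differs by username. */
int reply_depends_on_user(handler_fn h, const unsigned char *f, size_t n) {
    struct auth_req known = {"alice", f, n}, unknown = {"nosuchuser", f, n};
    return h(&known) != h(&unknown);
}

int main(void) {
    printf("flawed  leaks: %d\n",
           reply_depends_on_user(handle_flawed, SAMPLE_BAD, sizeof SAMPLE_BAD));
    printf("uniform leaks: %d\n",
           reply_depends_on_user(handle_uniform, SAMPLE_BAD, sizeof SAMPLE_BAD));
    return 0;
}
```

A check of this shape belongs in the test suite of any authentication handler: the reply to a given set of message fields should be the same whether or not the account exists.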
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.
The vendor confirmed the vulnerability; however, software updates are not available.
Security Impact Rating: Medium