https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-lt-2016-72-Multiple-Vulnerabilities/m-p/6148#M921 Hello David,<BR />&nbsp;&nbsp; Dropbear is used as the webserver on APs and ZD's SSH, and not on Solo APs, and this<BR />will be fixed in ZD 10.0.&nbsp; See security advisory on <A href="https://www.ruckuswireless.com/security" rel="nofollow" title="Link: https://www.ruckuswireless.com/security">https://www.ruckuswireless.com/security</A>. Mon, 07 Nov 2016 18:40:41 GMT michael_brado 2016-11-07T18:40:41Z https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-lt-2016-72-Multiple-Vulnerabilities/m-p/6147#M920 We have found the vulnerability below and I wonder is there an update we can apply to patch against this. We are currently at version&nbsp;9.10.0.0 build 218.<BR /><BR />Vulnerability details as follows:<BR />DescriptionAccording to its self-reported version in its banner, Dropbear SSH running on the remote host is prior to 2016.74. It is, therefore, affected by the following vulnerabilities :<BR /><BR />- A format string flaw exists due to improper handling of string format specifiers (e.g., %s and %x) in usernames and host arguments. An unauthenticated, remote attacker can exploit this to execute arbitrary code with root privileges. (CVE-2016-7406)<BR /><BR />- A flaw exists in dropbearconvert due to improper handling of specially crafted OpenSSH key files. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2016-7407)<BR /><BR />- A flaw exists in dbclient when handling the -m or -c arguments in scripts. An unauthenticated, remote attacker can exploit this, via a specially crafted script, to execute arbitrary code. (CVE-2016-7408)<BR /><BR />- A flaw exists in dbclient or dropbear server if they are compiled with the DEBUG_TRACE option and then run using the -v switch. A local attacker can exploit this to disclose process memory. (CVE-2016-7409)<BR /><BR />Solution<BR />Upgrade to Dropbear SSH version 2016.74 or later.<BR /><BR />See Also<BR /><A href="https://matt.ucc.asn.au/dropbear/CHANGES" rel="nofollow" target="_blank" title="Link: https://matt.ucc.asn.au/dropbear/CHANGES">https://matt.ucc.asn.au/dropbear/CHANGES</A> Mon, 07 Nov 2016 15:35:08 GMT https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-lt-2016-72-Multiple-Vulnerabilities/m-p/6147#M920 david_fay_9yn2u 2016-11-07T15:35:08Z https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-lt-2016-72-Multiple-Vulnerabilities/m-p/6148#M921 Hello David,<BR />&nbsp;&nbsp; Dropbear is used as the webserver on APs and ZD's SSH, and not on Solo APs, and this<BR />will be fixed in ZD 10.0.&nbsp; See security advisory on <A href="https://www.ruckuswireless.com/security" rel="nofollow" title="Link: https://www.ruckuswireless.com/security">https://www.ruckuswireless.com/security</A>. Mon, 07 Nov 2016 18:40:41 GMT https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-lt-2016-72-Multiple-Vulnerabilities/m-p/6148#M921 michael_brado 2016-11-07T18:40:41Z https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-lt-2016-72-Multiple-Vulnerabilities/m-p/6149#M922 Do you know the provisional release date for this? I couldn't see&nbsp;CVE-2016-7406 in these advisories. Mon, 07 Nov 2016 18:55:17 GMT https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-lt-2016-72-Multiple-Vulnerabilities/m-p/6149#M922 david_fay_9yn2u 2016-11-07T18:55:17Z