Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-1273

Опубликовано: 08 апр. 2009
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:andrew_j.korty:pam_ssh:1.92:*:*:*:*:*:*:*

EPSS

Процентиль: 58%
0.00358
Низкий

5 Medium

CVSS2

Дефекты

CWE-255

Связанные уязвимости

ubuntu логотип

CVE-2009-1273

ubuntu
почти 17 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

redhat логотип

CVE-2009-1273

redhat
почти 17 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

debian логотип

CVE-2009-1273

debian
почти 17 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled ...

github логотип

GHSA-hcjw-5x4c-67px

github
почти 4 года назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

EPSS

Процентиль: 58%
0.00358
Низкий

5 Medium

CVSS2

Дефекты

CWE-255