Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2009-1273

Опубликовано: 24 мар. 2009
Источник: redhat

Описание

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=492153pam_ssh: Password prompt varies for existent and non-existent users

Связанные уязвимости

ubuntu логотип

CVE-2009-1273

ubuntu
почти 17 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

nvd логотип

CVE-2009-1273

nvd
почти 17 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

debian логотип

CVE-2009-1273

debian
почти 17 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled ...

github логотип

GHSA-hcjw-5x4c-67px

github
почти 4 года назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.