Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2009-1273

Опубликовано: 24 мар. 2009
Источник: redhat
EPSS Низкий

Описание

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=492153pam_ssh: Password prompt varies for existent and non-existent users

EPSS

Процентиль: 57%
0.00358
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2009-1273

ubuntu
больше 16 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

nvd логотип

CVE-2009-1273

nvd
больше 16 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

debian логотип

CVE-2009-1273

debian
больше 16 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled ...

github логотип

GHSA-hcjw-5x4c-67px

github
больше 3 лет назад

pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.

EPSS

Процентиль: 57%
0.00358
Низкий