Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-15473

Опубликовано: 16 авг. 2018
Источник: redhat
CVSS3: 5.3
EPSS Критический

Описание

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

A user enumeration vulnerability flaw was found in OpenSSH, though version 7.7. The vulnerability occurs by not delaying bailout for an invalid authenticated user until after the packet containing the request has been fully parsed. The highest threat from this vulnerability is to data confidentiality.

Отчет

Red Hat Product Security has rated this issue as having Low severity. An attacker could use this flaw to determine whether given usernames exist or not on the server, but no further information is disclosed and there is no availability or integrity impact. A future update may address this issue.

Меры по смягчению последствий

Configuring your firewall to limit the origin and/or rate of incoming ssh connections (using the netfilter xt_recent module) will limit the impact of this attack, as it requires a new TCP connection for each username tested. This configuration also provides some protection against brute-force attacks on SSH passwords or keys. See the following article for more information on limiting access to SSHD: https://access.redhat.com/solutions/8687

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5opensshWill not fix
Red Hat Enterprise Linux 8opensshNot affected
Red Hat Enterprise Linux 6opensshFixedRHSA-2019:071109.04.2019
Red Hat Enterprise Linux 7opensshFixedRHSA-2019:214306.08.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1619063openssh: User enumeration via malformed packets in authentication requests

EPSS

Процентиль: 100%
0.90356
Критический

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-15473

CVSS3: 5.3
ubuntu
больше 7 лет назад

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

nvd логотип

CVE-2018-15473

CVSS3: 5.3
nvd
больше 7 лет назад

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

debian логотип

CVE-2018-15473

CVSS3: 5.3
debian
больше 7 лет назад

OpenSSH through 7.7 is prone to a user enumeration vulnerability due t ...

suse-cvrf логотип

openSUSE-SU-2021:1390-1

suse-cvrf
больше 4 лет назад

Security update for ssh-audit

suse-cvrf логотип

openSUSE-SU-2021:1383-1

suse-cvrf
больше 4 лет назад

Security update for ssh-audit

EPSS

Процентиль: 100%
0.90356
Критический

5.3 Medium

CVSS3