Описание
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:7.6p1-4ubuntu0.1 |
| cosmic | released | 1:7.7p1-4 |
| devel | not-affected | |
| disco | not-affected | |
| eoan | not-affected | |
| esm-infra-legacy/trusty | released | 1:6.6p1-2ubuntu2.11 |
| esm-infra/bionic | released | 1:7.6p1-4ubuntu0.1 |
| esm-infra/focal | not-affected | |
| esm-infra/xenial | released | 1:7.2p2-4ubuntu2.6 |
| focal | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | |
| cosmic | not-affected | |
| devel | not-affected | |
| disco | not-affected | |
| eoan | not-affected | |
| esm-apps/bionic | not-affected | |
| esm-apps/focal | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | |
| groovy | not-affected |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
OpenSSH through 7.7 is prone to a user enumeration vulnerability due t ...
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3