Lucene search
RedhatCVELIST:CVE-2017-2659HistoryMar 20, 2019 - 8:44 p.m.
CVE-2017-2659
2019-03-2020:44:51
CWE-209
redhat
www.cve.org
4
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
49.6%
It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts.
CNA Affected
[
{
"product": "dropbear",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "fixed in 2013.59"
}
]
}
]Related
prion
prion
Authentication flaw
2019-03-21 15:59:00
cve
cve
CVE-2017-2659
2019-03-21 15:59:57
nvd
nvd
CVE-2017-2659
2019-03-21 15:59:57
debiancve
debiancve
CVE-2017-2659
2019-03-21 15:59:57
ubuntucve
ubuntucve
CVE-2017-2659
2019-03-21 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
49.6%
Related for CVELIST:CVE-2017-2659