" hello "
vulnerability:
GSI-OPENSSH-SERVER 7.9P1 ON FEDORA /ETC/GSISSH/SSHD_CONFIG CREDENTIALS MANAGEMENT
Description of problem:
A vulnerability classified as critical has been found in gsi-openssh-server 7.9p1 on Fedora (Connectivity Software) on server (http://95.217.64.181:22). This affects some unknown functionality of the file /etc/gsissh/sshd_config. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the issue as CWE-255. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:
An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file.
The bug was discovered 02/08/2019. The weakness was released 02/08/2019. This vulnerability is uniquely identified as CVE-2019-7639 since 02/08/2019. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1552 according to MITRE ATT&CK.
If PermitPAMUserChange is set to yes in the sshd_config for gsi-openssh-server, anyone is allowed to login to the system with existing user even if they provide incorrect password
Version-Release number of selected component (if applicable): 7.9p1
How reproducible:
Always
Steps to Reproduce:
Actual results:
User gets logged in even though there is a failure entry in /var/log/messages for user authentication
Expected results:
User should not be able to login unless he provides the correct password
Additional info:
its possible that earlier versions might also be vulnerable.
https://nvd.nist.gov/vuln/detail/CVE-2019-7639
This is going to have an impact on confidentiality, integrity, and availability