12 matches found
K14228: OpenSSH vulnerability CVE-2007-2243
Security Advisory Description OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to...
CVE-2007-2243
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483...
OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
No description provided by source. source: http://www.securityfocus.com/bid/5093/info The OpenSSH team has reported two vulnerabilities in OpenSSH that are remotely exploitable and may allow for unauthenticated attackers to obtain root privileges. The conditions are related to the OpenSSH SSH2...
Check the System if Opie-Server and Opie-Client installed
Check the System if Opie-Server and Opie-Client installed. Read /etc/pam.d/opie, List Files und /etc/pam.d/ with -include opie- entry, Read ChallengeResponseAuthentication entry in /etc/ssh/sshdconfig OpenVAS Vulnerability Test $Id: GSHBSSHOpie.nasl 7076 2017-09-07 11:53:47Z teissa $ Check the...
CVE-2007-2243
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483...
Design/Logic Flaw
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication. OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different...
CVE-2007-2243
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483...
CVE-2007-2243
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, displaying a different response if the account exists (similar to CVE-2001-1483).
CVE-2007-2243
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483...
CVE-2007-2243
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483...
Revised OpenSSH Security Advisory (adv.iss)
This is the 2nd revision of the Advisory. 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the...