5 matches found
SSH Username Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SSH Username Enumeration', 'Description' = %q This module uses a malformed packet or timing attack to enumerate users on an OpenSSH server. The...
CVE-2006-5229
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssh/sshenumusers.rb 2025-02-06 03:13:38+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:08:18+00:00| seen|...
SOL15493 - OpenSSH vulnerability CVE-2006-5229
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
CVE-2006-5229
OpenSSH portable 4.1 on SUSE Linux and possibly other platforms is affected by a timing-attack vulnerability (CVE-2006-5229) that lets remote attackers infer valid usernames based on response time differences. The issue, demonstrated by sshtime, is tied to how certain configurations and manually-...