6 matches found
Fedora Core 10 FEDORA-2009-3500 (pam_ssh)
The remote host is missing an update to pamssh announced via advisory FEDORA-2009-3500. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 9 FEDORA-2009-3627 (pam_ssh)
The remote host is missing an update to pamssh announced via advisory FEDORA-2009-3627. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
CVE-2009-1273
pamssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...
DEBIAN-CVE-2009-1273
pamssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...
CVE-2009-1273
pamssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...
CVE-2009-1273
The CVE-2009-1273 issue affects pam_ssh 1.92 (and possibly other versions) when PAM is built with USE=ssh. The underlying problem is that authentication error messages differ for valid versus invalid usernames, enabling remote users to enumerate usernames. Public references (Fedora advisories FED...