SUSE CVE-2020-27780

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate...

ALPINE-CVE-2020-27780

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate...

F5 Networks BIG-IP : OpenSSH vulnerability (K14845276)

When SSHD tries to authenticate a non-existing user, it will pick up a fake password structure hard-coded in the SSHD source code. An attacker can measure timing information to determine if a user exists when verifying a password. CVE-2016-6210 C Tenable Network Security, Inc. The descriptive tex...

Ubuntu 14.04 LTS / 16.04 LTS : OpenSSH vulnerabilities (USN-3061-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3061-1 advisory. Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could...

DSA-1056-1 webcalendar - verbose error message

Bulletin has no description...

Inicom networks ioFTPd FTP Server account enumeration

Error messages differ for existant and non-existant user account...