Download
| Alert*
oval:org.secpod.oval:def:89002421
This update for openssh fixes the following issues: Following security issues have been fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not wa ... oval:org.secpod.oval:def:89049733 This update for openssh fixes the following issues: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration as ... oval:org.secpod.oval:def:2001442 Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states "We understand that the OpenSSH developers do not want to treat such a username enumeration as a vul ... oval:org.secpod.oval:def:47277 The host is installed with OpenSSH through 7.8 and is prone to a user enumeration vulnerability. A flaw is present in the application, which fails to properly handle an issue in auth-gss2.c. Successful exploitation could allow remote attackers to identify existing users on a target machine. |