CVE-2018-15473

MEDIUM

Description

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

References

http://www.openwall.com/lists/oss-security/2018/08/15/5

http://www.securityfocus.com/bid/105140

http://www.securitytracker.com/id/1041487

https://bugs.debian.org/906236

https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0

https://lists.debian.org/debian-lts-announce/2018/08/msg00022.html

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0011

https://security.gentoo.org/glsa/201810-03

https://security.netapp.com/advisory/ntap-20181101-0001/

https://usn.ubuntu.com/3809-1/

https://www.debian.org/security/2018/dsa-4280

https://www.exploit-db.com/exploits/45210/

https://www.exploit-db.com/exploits/45233/

https://www.exploit-db.com/exploits/45939/

Details

Source: MITRE

Published: 2018-08-17

Updated: 2018-12-05

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 3.9

Severity: MEDIUM

Tenable Plugins

View all (22 total)

ID	Name	Product	Family	Severity
122030	Photon OS 2.0: Openssh PHSA-2019-2.0-0126	Nessus	PhotonOS Local Security Checks	medium
120996	EulerOS 2.0 SP5 : openssh (EulerOS-SA-2019-1008)	Nessus	Huawei Local Security Checks	medium
120214	Fedora 28 : openssh (2018-065a7722ee)	Nessus	Fedora Local Security Checks	medium
120162	SUSE SLED15 / SLES15 Security Update : openssh (SUSE-SU-2018:3686-1)	Nessus	SuSE Local Security Checks	medium
119920	EulerOS 2.0 SP2 : openssh (EulerOS-SA-2018-1431)	Nessus	Huawei Local Security Checks	medium
119902	EulerOS Virtualization 2.5.2 : openssh (EulerOS-SA-2018-1413)	Nessus	Huawei Local Security Checks	medium
119900	EulerOS Virtualization 2.5.1 : openssh (EulerOS-SA-2018-1411)	Nessus	Huawei Local Security Checks	medium
119887	pfSense 2.3.x <= 2.3.5-p2 / 2.4.x < 2.4.4 Multiple Vulnerabilities (SA-18_06 / SA-18_07 / SA-18_08)	Nessus	Firewalls	high
119533	EulerOS 2.0 SP3 : openssh (EulerOS-SA-2018-1405)	Nessus	Huawei Local Security Checks	medium
119295	openSUSE Security Update : openssh (openSUSE-2018-1477)	Nessus	SuSE Local Security Checks	medium
119213	SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2018:3910-1)	Nessus	SuSE Local Security Checks	medium
119032	SUSE SLES11 Security Update : openssh (SUSE-SU-2018:3781-1)	Nessus	SuSE Local Security Checks	medium
119031	SUSE SLES12 Security Update : openssh (SUSE-SU-2018:3776-1)	Nessus	SuSE Local Security Checks	medium
119024	openSUSE Security Update : openssh (openSUSE-2018-1419)	Nessus	SuSE Local Security Checks	medium
118795	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : openssh vulnerabilities (USN-3809-1)	Nessus	Ubuntu Local Security Checks	medium
118498	SUSE SLES11 Security Update : openssh (SUSE-SU-2018:3540-1)	Nessus	SuSE Local Security Checks	high
117968	GLSA-201810-03 : OpenSSH: User enumeration vulnerability	Nessus	Gentoo Local Security Checks	medium
117708	Amazon Linux 2 : openssh (ALAS-2018-1075)	Nessus	Amazon Linux Local Security Checks	medium
117491	Fedora 27 : openssh (2018-f56ded11c4)	Nessus	Fedora Local Security Checks	medium
117347	Amazon Linux AMI : openssh (ALAS-2018-1075)	Nessus	Amazon Linux Local Security Checks	medium
112066	Debian DSA-4280-1 : openssh - security update	Nessus	Debian Local Security Checks	medium
112050	Debian DLA-1474-1 : openssh security update	Nessus	Debian Local Security Checks	medium