[hm] Bug in OpenSSH Username Enumeration

guifipedro guifipedro at gmail.com
Thu Aug 23 11:17:09 CEST 2018


Thanks BE66 A080 025C FF72 A307 C054 827A E2A3 EC20 8239

official note that appears on the blog [0]

CVE-2018-15473 by MITRE [1]

test script [2]:

 $ id test
id: ‘test’: no such user

 $ python ssh-check-username.py localhost root
[+] Valid username
 $ python ssh-check-username.py localhost test
[*] Invalid username

after upgrade in debian stable

 $ python ssh-check-username.py localhost root
[+] Valid username
 $ python ssh-check-username.py localhost test
[+] Valid username

[0] http://seclists.org/oss-sec/2018/q3/124
[1] http://seclists.org/oss-sec/2018/q3/134
[2] http://seclists.org/oss-sec/2018/q3/125

On Wed, Aug 22, 2018 at 7:05 PM kakak <kak_adel_uxe at riseup.net> wrote:
>
> This bug allows a remote attacker to guess the usernames registered on
> an OpenSSH server.
>
> A vulnerability affects all versions of the OpenSSH client released in
> the past two decades, ever since the application was released in 1999.
>
> https://www.bleepingcomputer.com/news/security/vulnerability-affects-all-openssh-versions-released-in-the-past-two-decades/
>
> --
> BE66 A080 025C FF72 A307 C054 827A E2A3 EC20 8239
>
> End of quote.
> _______________________________________________
> HackMeeting mailing list
> HackMeeting at listas.sindominio.net
> https://listas.sindominio.net/mailman/listinfo/hackmeeting

