CVE-2003-0190

Published: 12/05/2003 Updated: 15/02/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 515
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

OpenSSH-portable (OpenSSH) 3.6.1p1 and previous versions with PAM support enabled immediately send an error message when a user does not exist, which allows remote malicious users to determine valid usernames via a timing attack.

Vulnerable Product

openbsd openssh

openbsd openssh 3.6.1

openpkg openpkg 1.3

openpkg openpkg 1.2

siemens scalance_x204rna_ecc_firmware

siemens scalance_x204rna_firmware

Vendor Advisories

@Mediaservice.net discovered two information leaks in the OpenSSH server. When using password authentication, an attacker could test whether a login name exists by measuring the time between failed login attempts, i.e. the time after which the “password:” prompt appears again ...

Exploits

Portable OpenSSH versions 3.6.1p-PAM / 4.1-SUSE and below timing attack exploit ...
/*
 * SSH_BRUTE - OpenSSH/PAM <= 3.6.1p1 remote users discovery tool
 * Copyright (c) 2003 @ Mediaservice.net Srl. All rights reserved
 *
 *
 * Vulnerability discovered by Marco Ivaldi <raptor@mediaservice.net>
 * Proof of concept code by Maurizio Agazzini <inode@mediaservice.net>
 *
 * Tested against Red Hat, Mandrake, and Debian GNU/Linux ...
#!/bin/bash
#
# $Id: raptor_sshtime,v 1.1 2007/02/13 16:38:57 raptor Exp $
#
# raptor_sshtime - [Open]SSH remote timing attack exploit
# Copyright (c) 2006 Marco Ivaldi <raptor@0xdeadbeef.info>
#
# OpenSSH-portable 3.6.1p1 and earlier with PAM support enabled immediately
# sends an error message when a user does not exist, which allows remo ...
#!/bin/sh
# OpenSSH <= 36p1 - User Identification
# Nicolas Couture - nc@stormvault.net
#
# Description:
# -Tells you whether or not a user exists on
# a distant server running OpenSSH
#
# Usage:
# -You NEED to have the host's public key
# before executing this script
#
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#
# Fact Sheet: ...