CVE-2006-5229

Published: 10/10/2006 Updated: 17/10/2018
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 265
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Summary

OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote malicious users to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is dependent on the use of manually-set passwords that cause delays when processing /etc/shadow due to an increased number of rounds.

Vulnerable Product

openbsd openssh 4.1

Exploits

#!/bin/bash
#
# $Id: raptor_sshtime,v 1.1 2007/02/13 16:38:57 raptor Exp $
#
# raptor_sshtime - [Open]SSH remote timing attack exploit
# Copyright (c) 2006 Marco Ivaldi <raptor@0xdeadbeef.info>
#
# OpenSSH-portable 3.6.1p1 and earlier with PAM support enabled immediately
# sends an error message when a user does not exist, which allows remo ...

Portable OpenSSH versions 3.6.1p-PAM / 4.1-SUSE and below timing attack exploit ...