Published: 21/05/2007 Updated: 01/04/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote malicious users to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openbsd openssh
netapp hci management node -
netapp solidfire -
netapp steelstore cloud integrated storage -
netapp hci storage node -

Debian Bug report logs - #436571 openssh: CVE-2007-2768 and CVE-2007-2243 (determine the existence of user accounts) Package: openssh; Maintainer for openssh is Debian OpenSSH Maintainers <debian-ssh@listsdebianorg>; Reported by: Steffen Joeris <steffenjoeris@skolelinuxde> Date: Wed, 8 Aug 2007 09:30:02 UTC Seve ...

PAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION ...

CWE-200 http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html http://www.osvdb.org/34601 https://security.netapp.com/advisory/ntap-20191107-0002/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436571 https://nvd.nist.gov https://security.paloaltonetworks.com/PAN-SA-2024-0003

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-2768

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect