CVE-2018-15599

Published: 21/08/2018 Updated: 30/12/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The recv_msg_userauth_request function in svr-auth.c in Dropbear up to and including 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase.

Vulnerability Trend

Vulnerable Products

debian debian linux 8.0

dropbear ssh project dropbear ssh

Vendor Advisories

Debian Bug report logs - #1009062 CVE-2019-12953: inconsistent failure delay that may lead to revealing valid usernames. Package: src:dropbear; Maintainer for src:dropbear is Guilhem Moulin <guilhem@debian.org>; Reported by: Guilhem Moulin <guilhem@debian.org>; Date: Wed, 6 Apr 2022 18:27:01 UTC; Severity: important; Ta ...
Debian Bug report logs - #928256 gpg-key2ps: CVE-2019-11627: Shell injection vulnerability in UIDs rendering. Package: signing-party; Maintainer for signing-party is Guilhem Moulin <guilhem@debian.org>; Source for signing-party is src:signing-party (PTS, buildd, popcon); Reported by: Guilhem Moulin <guilhem@debian.org> ...
Debian Bug report logs - #906890 dropbear: CVE-2018-15599. Package: src:dropbear; Maintainer for src:dropbear is Guilhem Moulin <guilhem@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Tue, 21 Aug 2018 21:00:05 UTC; Severity: important; Tags: security, upstream; Found in versions dropbear/20146 ...

Github Repositories

[EN] Hardware hacking: SilverCrest Zigbee Gateway SGWZ1A1

Hardware hacking: SilverCrest Zigbee Gateway SGWZ1A1. Contents: Useful sources; Serial console; System walkthrough; Network discovery; TCP enumeration scan; SSH enumeration; SSH audit; SSH scan; TO DO. Useful sources: all credit for initial research goes to Paul Banks. Original blog post is here: paulbanks.org/projects/lidl-zigbee. Github repo with used code: github

Try to determine what Linux/Unix distribution is running on a remote host and get a hint if security updates are applied.

Dist-Detect: Dist-Detect is an active command-line scanner to detect the Linux or Unix distribution running on a remote host by looking at the banners or responses of typical Unix network services. Dist-Detect is currently work in progress. For now only the SSH service is supported and works already quite well in detecting Debian and derivatives (Ubuntu, Raspbian, etc.), but HTT