CVE-2009-1273 - Credentials Management vulnerability in Andrew J. Korty PAM SSH 1.92
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: NONE
Availability impact: NONE
Summary
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Common Weakness Enumeration (CWE)
Nessus
- NASL family: Misc.
  - NASL id: PAM_SSH_USER_ENUMERATION.NASL
  - description: The remote host is running a SSH server that responds differently to login attempts depending on whether or not a valid username is given. This is likely due to a vulnerable version of pam_ssh. Other products may be affected as well. A remote attacker could use this to enumerate valid usernames, which could be used to mount further attacks.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 38197
  - published: 2009-04-28
  - reporter: This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
  - source: https://www.tenable.com/plugins/nessus/38197
  - title: pam_ssh Login Prompt Remote Username Enumeration

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2009-3627.NASL
  - description: - Thu Mar 26 2009 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.92-10 - Always use standard
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 38670
  - published: 2009-05-04
  - reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
  - source: https://www.tenable.com/plugins/nessus/38670
  - title: Fedora 9 : pam_ssh-1.92-10.fc9 (2009-3627)

- NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2009-3500.NASL
  - description: - Bug #492153 - CVE-2009-1273 pam_ssh: Password prompt varies for existent and non-existent users. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 38669
  - published: 2009-05-04
  - reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
  - source: https://www.tenable.com/plugins/nessus/38669
  - title: Fedora 10 : pam_ssh-1.92-10.fc10 (2009-3500)