#VU14548 Information disclosure in OpenSSH


Published: 2018-08-28 | Updated: 2018-08-29

Vulnerability identifier: #VU14548

Vulnerability risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2018-15919

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSH
Server applications / Remote management servers, RDP, SSH

Vendor: OpenSSH

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to insufficient validation of an authentication request packet when the Guide Star Server II (GSS2) component is used. A remote attacker can send an authentication request packet and access sensitive information, such as valid usernames.

Mitigation
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.

Vulnerable software versions

OpenSSH: 7.0p1 - 7.8

External links
http://seclists.org/oss-sec/2018/q3/180

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell EMC Cloud Tiering Appliance Family
Multiple vulnerabilities in Dell EMC Unity Family
openEuler 20.03 LTS update for openssh
OpenSUSE Linux update for openssh
Information disclosure in OpenSSH
Information disclosure in Debian openssh package