CVE-2016-6210

sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.

Published date: 2017-02-13T17:59Z
Last modification date: 2022-12-13T12:15Z
Assigner: cve@mitre.org
Problem type: CWE-200

Impact

CVSS v3 vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name	URL	Source	Tags
https://www.openssh.com/txt/release-7.3	https://www.openssh.com/txt/release-7.3	CONFIRM	Release Notes, Vendor Advisory
20160714 opensshd - user enumeration	http://seclists.org/fulldisclosure/2016/Jul/51	FULLDISC	Mailing List, Third Party Advisory
91812	http://www.securityfocus.com/bid/91812	BID	VDB Entry, Third Party Advisory
GLSA-201612-18	https://security.gentoo.org/glsa/201612-18	GENTOO
1036319	http://www.securitytracker.com/id/1036319	SECTRACK
40136	https://www.exploit-db.com/exploits/40136/	EXPLOIT-DB
40113	https://www.exploit-db.com/exploits/40113/	EXPLOIT-DB
DSA-3626	http://www.debian.org/security/2016/dsa-3626	DEBIAN
RHSA-2017:2563	https://access.redhat.com/errata/RHSA-2017:2563	REDHAT
RHSA-2017:2029	https://access.redhat.com/errata/RHSA-2017:2029	REDHAT
https://security.netapp.com/advisory/ntap-20190206-0001/	https://security.netapp.com/advisory/ntap-20190206-0001/	CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf	CONFIRM