[arch-security] [ASA-201608-1] openssh: information leakage

Christian Rebischke Chris.Rebischke at archlinux.org
Tue Aug 2 12:21:57 UTC 2016


Arch Linux Security Advisory ASA-201608-1
=========================================

Severity: Medium
Date    : 2016-08-02
CVE-ID  : CVE-2016-6210
Package : openssh
Type    : information leakage
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package openssh before version 7.3p1-1 is vulnerable to information
leakage.

Resolution
==========

Upgrade to 7.3p1-1.

# pacman -Syu "openssh>=7.3p1-1"

The problem has been fixed upstream in version 7.3p1.

Workaround
==========

None.

Description
===========

Mitigate timing differences in password authentication that could be
used to discern valid from invalid account names when long passwords
were sent and particular password hashing algorithms are in use on the
server. Reported by EddieEzra.Harari at verint.com

Impact
======

A remote attacker is able to enumerate users by sending large passwords.

References
==========

https://access.redhat.com/security/cve/CVE-2016-6210
http://seclists.org/fulldisclosure/2016/Jul/51
http://www.openssh.com/txt/release-7.3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20160802/4e576093/attachment.asc>


More information about the arch-security mailing list