Openssh 7.6



Secure shell (SSH) server, for secure access from remote machines. This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group. Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. For OpenSSH knownhosts files, WinSCP looks to C: Users username.ssh knownhosts. You can also paste hosts key in OpenSSH format from clipboard using Paste button. WinSCP imports also SSH host keys from the source application cache for hostnames from all selected sites.

Openssh

Current Description

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or 'oracle') as a vulnerability.'


Analysis Description

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or 'oracle') as a vulnerability.'

Severity

CVSS 3.x Severity and Metrics:Openssh 7.6
NIST:NVD
Vector:NVD

Openssh 7.6p1 Exploit Metasploit

Vector:HyperlinkResourcehttp://seclists.org/oss-sec/2018/q3/180Mailing ListPatchThird Party Advisoryhttp://www.securityfocus.com/bid/105163Third Party AdvisoryVDB Entryhttps://security.netapp.com/advisory/ntap-20181221-0001/Third Party Advisory

Weakness Enumeration

CWE-IDCWE NameSource
CWE-200Exposure of Sensitive Information to an Unauthorized ActorNIST

Openssh 7.6p1 Metasploit

Known Affected Software Configurations Switch to CPE 2.2

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

7.6p1

Change History

4 change records found show changes

Contents

Installed Programs:scp, sftp, sftp-server, slogin (symlink to ssh), ssh, sshd, ssh-add, ssh-agent, ssh-copy-id, ssh-keygen, ssh-keyscan, ssh-keysign, and ssh-pkcs11-helper
Installed Directories:/etc/ssh, /usr/libexec/openssh, /usr/share/doc/openssh-6.6p1, and /var/lib/sshd

Short Descriptions

Openssh Upgrade

scp

is a file copy program that acts like rcp except it uses an encrypted protocol.

sftp

is an FTP-like program that works over the SSH1 and SSH2 protocols.

sftp-server

is an SFTP server subsystem. This program is not normally called directly by the user.

slogin

is a symlink to ssh.

ssh

is an rlogin/rsh-like client program except it uses an encrypted protocol.

sshd

is a daemon that listens for ssh login requests.

ssh-add

is a tool which adds keys to the ssh-agent.

ssh-agent

is an authentication agent that can store private keys.

ssh-copy-id

is a script that enables logins on remote machine using local keys.

ssh-keygen

is a key generation tool.

ssh-keyscan

is a utility for gathering public host keys from a number of hosts.

ssh-keysign

is used by ssh to access the local host keys and generate the digital signature required during hostbased authentication with SSH protocol version 2. This program is not normally called directly by the user.

ssh-pkcs11-helper

is a ssh-agent helper program for PKCS#11 support.