Vulnerability-Lookup

CVE-2016-6210 (GCVE-0-2016-6210)

Vulnerability from cvelistv5 – Published: 2017-02-13 00:00 – Updated: 2024-08-06 01:22

Summary

sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

12 references

URL	Tags
https://access.redhat.com/errata/RHSA-2017:2563	vendor-advisory
http://www.securitytracker.com/id/1036319	vdb-entry
http://seclists.org/fulldisclosure/2016/Jul/51	mailing-list
http://www.debian.org/security/2016/dsa-3626	vendor-advisory
https://www.exploit-db.com/exploits/40136/	exploit
https://www.exploit-db.com/exploits/40113/	exploit
https://www.openssh.com/txt/release-7.3
https://security.gentoo.org/glsa/201612-18	vendor-advisory
https://access.redhat.com/errata/RHSA-2017:2029	vendor-advisory
http://www.securityfocus.com/bid/91812	vdb-entry
https://security.netapp.com/advisory/ntap-2019020…
https://cert-portal.siemens.com/productcert/pdf/s…

Date Public

2016-07-14 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:22:20.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2017:2563",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2563"
          },
          {
            "name": "1036319",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036319"
          },
          {
            "name": "20160714 opensshd - user enumeration",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2016/Jul/51"
          },
          {
            "name": "DSA-3626",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3626"
          },
          {
            "name": "40136",
            "tags": [
              "exploit",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40136/"
          },
          {
            "name": "40113",
            "tags": [
              "exploit",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40113/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-7.3"
          },
          {
            "name": "GLSA-201612-18",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201612-18"
          },
          {
            "name": "RHSA-2017:2029",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2029"
          },
          {
            "name": "91812",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91812"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190206-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-13T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2017:2563",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2563"
        },
        {
          "name": "1036319",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1036319"
        },
        {
          "name": "20160714 opensshd - user enumeration",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2016/Jul/51"
        },
        {
          "name": "DSA-3626",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3626"
        },
        {
          "name": "40136",
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/40136/"
        },
        {
          "name": "40113",
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/40113/"
        },
        {
          "url": "https://www.openssh.com/txt/release-7.3"
        },
        {
          "name": "GLSA-201612-18",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/201612-18"
        },
        {
          "name": "RHSA-2017:2029",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2029"
        },
        {
          "name": "91812",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/91812"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20190206-0001/"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6210",
    "datePublished": "2017-02-13T00:00:00.000Z",
    "dateReserved": "2016-07-13T00:00:00.000Z",
    "dateUpdated": "2024-08-06T01:22:20.650Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2016-6210",
      "date": "2026-05-28",
      "epss": "0.90046",
      "percentile": "0.99599"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openbsd:openssh:*:p2:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.2\", \"matchCriteriaId\": \"4AFA4267-E15B-4826-9B98-63F68AB1627F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.\"}, {\"lang\": \"es\", \"value\": \"sshd en OpenSSH en versiones anteriores a 7.3, cuando SHA256 o SHA512 son utilizados para el hashing de la contrase\\u00f1a del usuario, utiliza BLOWFISH hashing en una contrase\\u00f1a est\\u00e1tica cuando no existe el nombre de usuario, lo que permite a atacantes remotos enumerar usuarios aprovechando la diferencia de tiempo entre respuestas cuando se proporciona una contrase\\u00f1a grande.\"}]",
      "id": "CVE-2016-6210",
      "lastModified": "2024-11-21T02:55:40.493",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-02-13T17:59:00.153",
      "references": "[{\"url\": \"http://seclists.org/fulldisclosure/2016/Jul/51\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2016/dsa-3626\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/91812\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036319\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2029\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2563\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.gentoo.org/glsa/201612-18\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190206-0001/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.exploit-db.com/exploits/40113/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.exploit-db.com/exploits/40136/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.openssh.com/txt/release-7.3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2016/Jul/51\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2016/dsa-3626\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/91812\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036319\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2029\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2563\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201612-18\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190206-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.exploit-db.com/exploits/40113/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.exploit-db.com/exploits/40136/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.openssh.com/txt/release-7.3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-6210\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-02-13T17:59:00.153\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.\"},{\"lang\":\"es\",\"value\":\"sshd en OpenSSH en versiones anteriores a 7.3, cuando SHA256 o SHA512 son utilizados para el hashing de la contrase\u00f1a del usuario, utiliza BLOWFISH hashing en una contrase\u00f1a est\u00e1tica cuando no existe el nombre de usuario, lo que permite a atacantes remotos enumerar usuarios aprovechando la diferencia de tiempo entre respuestas cuando se proporciona una contrase\u00f1a grande.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:p2:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2\",\"matchCriteriaId\":\"4AFA4267-E15B-4826-9B98-63F68AB1627F\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2016/Jul/51\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3626\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/91812\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036319\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2029\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2563\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/201612-18\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20190206-0001/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/40113/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/40136/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.openssh.com/txt/release-7.3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2016/Jul/51\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3626\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/91812\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2029\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2563\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201612-18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20190206-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/40113/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/40136/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssh.com/txt/release-7.3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
  }
}

WID-SEC-W-2023-0450

Vulnerability from csaf_certbund - Published: 2016-07-17 22:00 - Updated: 2024-05-07 22:00

Summary

OpenSSH: Schwachstelle ermöglicht Offenlegung von Informationen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.

Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSH ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme: - Appliance - Linux - UNIX - Windows

CVE-2016-6210

Es existiert eine Schwachstelle in OpenSSH. Die Schwachstelle wird dadurch verursacht, wenn lange Passwörter (10KB) vom SSH-Daemon verarbeitet werden. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um Benutzernamen zu ermitteln und Benutzerinformationen zu lesen.

Affected products

Known affected 19 products

Product	Identifier	Version
SUSE Linux Enterprise Server 11 SP4 SUSE / Linux Enterprise Server	`cpe:/o:suse:linux_enterprise_server:11:sp4`	11 SP4
Avaya Aura Experience Portal Avaya	`cpe:/a:avaya:aura_experience_portal:-`	—
Avaya Aura System Manager Avaya	`cpe:/a:avaya:aura_system_manager:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE Linux Enterprise Server 12 LTSS SUSE / Linux Enterprise Server	`cpe:/o:suse:linux_enterprise_server:12:ltss`	12 LTSS
Avaya Aura Application Enablement Services Avaya	`cpe:/a:avaya:aura_application_enablement_services:-`	—
Dell NetWorker virtual Dell / NetWorker	`cpe:/a:dell:networker:virtual`	virtual
Avaya Aura Session Manager Avaya	`cpe:/a:avaya:session_manager:-`	—
SUSE Linux Enterprise Server 12 SP1 SUSE / Linux Enterprise Server	`cpe:/o:suse:linux_enterprise_server:12:sp1`	12 SP1
Avaya Aura Communication Manager Avaya	`cpe:/a:avaya:communication_manager:-`	—
SUSE Linux Enterprise Desktop 12 SP1 SUSE / Linux Enterprise Desktop	`cpe:/o:suse:linux_enterprise_desktop:12:sp1`	12 SP1
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:8.0`	—
Oracle VM 3 Oracle / VM	`cpe:/a:oracle:vm:3`	3
IBM FlashSystem 900 IBM / FlashSystem	`cpe:/a:ibm:flashsystem:900`	900
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—
IBM FlashSystem 840 IBM / FlashSystem	`cpe:/a:ibm:flashsystem:840`	840

Last affected 1 product

Product	Identifier	Version	Remediation
Open Source OpenSSH <=7.2p2 Open Source / OpenSSH		<=7.2p2

References

23 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
http://seclists.org/fulldisclosure/2016/Jul/51	external
https://www.debian.org/security/2016/dsa-3626	external
http://www.openssh.com/txt/release-7.3	external
http://www.ubuntu.com/usn/usn-3061-1/	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://bto.bluecoat.com/security-advisory/sa136	external
https://support.f5.com/csp/#/article/K14845276	external
https://access.redhat.com/errata/RHSA-2017:2029	external
http://linux.oracle.com/errata/ELSA-2017-2563.html	external
https://access.redhat.com/errata/RHSA-2017:2563	external
https://lists.centos.org/pipermail/centos-announc…	external
https://downloads.avaya.com/css/P8/documents/101044062	external
https://security.netapp.com/advisory/ntap-2019020…	external
https://security.netapp.com/advisory/ntap-2019020…	external
https://www.ibm.com/support/pages/node/650935	external
https://oss.oracle.com/pipermail/oraclevm-errata/…	external
http://linux.oracle.com/errata/ELSA-2023-4428.html	external
https://www.dell.com/support/kbdoc/000224827/dsa-2024-=	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSH ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Appliance\n- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0450 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2023-0450.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0450 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0450"
      },
      {
        "category": "external",
        "summary": "Meldung auf oss-sec mailing list vom 2016-07-14",
        "url": "http://seclists.org/fulldisclosure/2016/Jul/51"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-3626 vom 2016-07-24",
        "url": "https://www.debian.org/security/2016/dsa-3626"
      },
      {
        "category": "external",
        "summary": "OpenSSH 7.3 release notes vom 2016-08-01",
        "url": "http://www.openssh.com/txt/release-7.3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3061-1 vom 2016-08-15",
        "url": "http://www.ubuntu.com/usn/usn-3061-1/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2016:2281-1 vom 2016-09-12",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162281-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2016:2280-1 vom 2016-09-12",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162280-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2016:2388-1 vom 2016-09-27",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162388-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2016:2555-1 vom 2016-10-25",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162555-1.html"
      },
      {
        "category": "external",
        "summary": "BlueCoat Security Advisory SA136",
        "url": "https://bto.bluecoat.com/security-advisory/sa136"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory K14845276 vom 2016-12-23",
        "url": "https://support.f5.com/csp/#/article/K14845276"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory: RHSA-2017:2029",
        "url": "https://access.redhat.com/errata/RHSA-2017:2029"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-2563 vom 2017-08-31",
        "url": "http://linux.oracle.com/errata/ELSA-2017-2563.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:2563 vom 2017-08-31",
        "url": "https://access.redhat.com/errata/RHSA-2017:2563"
      },
      {
        "category": "external",
        "summary": "CentOS-announce CESA-2017:2563 vom 2017-08-31",
        "url": "https://lists.centos.org/pipermail/centos-announce/2017-August/022529.html"
      },
      {
        "category": "external",
        "summary": "AVAYA Security Advisory ASA-2017-281 vom 2020-01-07",
        "url": "https://downloads.avaya.com/css/P8/documents/101044062"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20190206-0001 vom 2019-02-07",
        "url": "https://security.netapp.com/advisory/ntap-20190206-0001/"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20190206-0001 vom 2019-02-06",
        "url": "https://security.netapp.com/advisory/ntap-20190206-0001/"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 650935 vom 2023-02-22",
        "url": "https://www.ibm.com/support/pages/node/650935"
      },
      {
        "category": "external",
        "summary": "ORACLE OVMSA-2023-0019 vom 2023-08-17",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2023-August/001083.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-4428 vom 2023-08-24",
        "url": "http://linux.oracle.com/errata/ELSA-2023-4428.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
        "url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
      }
    ],
    "source_lang": "en-US",
    "title": "OpenSSH: Schwachstelle erm\u00f6glicht Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2024-05-07T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:44:35.426+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0450",
      "initial_release_date": "2016-07-17T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2016-07-17T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2016-07-17T22:00:00.000+00:00",
          "number": "2",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2016-07-17T22:00:00.000+00:00",
          "number": "3",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2016-07-24T22:00:00.000+00:00",
          "number": "4",
          "summary": "New remediations available"
        },
        {
          "date": "2016-07-24T22:00:00.000+00:00",
          "number": "5",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2016-08-01T22:00:00.000+00:00",
          "number": "6",
          "summary": "New remediations available"
        },
        {
          "date": "2016-08-15T22:00:00.000+00:00",
          "number": "7",
          "summary": "New remediations available"
        },
        {
          "date": "2016-08-15T22:00:00.000+00:00",
          "number": "8",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2016-09-12T22:00:00.000+00:00",
          "number": "9",
          "summary": "New remediations available"
        },
        {
          "date": "2016-09-12T22:00:00.000+00:00",
          "number": "10",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2016-09-27T22:00:00.000+00:00",
          "number": "11",
          "summary": "New remediations available"
        },
        {
          "date": "2016-10-25T22:00:00.000+00:00",
          "number": "12",
          "summary": "New remediations available"
        },
        {
          "date": "2016-12-13T23:00:00.000+00:00",
          "number": "13",
          "summary": "New remediations available"
        },
        {
          "date": "2016-12-22T23:00:00.000+00:00",
          "number": "14",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-01T22:00:00.000+00:00",
          "number": "15",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-07T22:00:00.000+00:00",
          "number": "16",
          "summary": "Added references"
        },
        {
          "date": "2017-08-31T22:00:00.000+00:00",
          "number": "17",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2019-02-06T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2020-01-06T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von AVAYA aufgenommen"
        },
        {
          "date": "2023-02-21T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-08-17T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von ORACLE aufgenommen"
        },
        {
          "date": "2023-08-23T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-05-07T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "23"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Avaya Aura Application Enablement Services",
            "product": {
              "name": "Avaya Aura Application Enablement Services",
              "product_id": "T015516",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Communication Manager",
            "product": {
              "name": "Avaya Aura Communication Manager",
              "product_id": "T015126",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:communication_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Experience Portal",
            "product": {
              "name": "Avaya Aura Experience Portal",
              "product_id": "T015519",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_experience_portal:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Session Manager",
            "product": {
              "name": "Avaya Aura Session Manager",
              "product_id": "T015127",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:session_manager:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura System Manager",
            "product": {
              "name": "Avaya Aura System Manager",
              "product_id": "T015518",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_system_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Avaya"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "310725",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:8.0"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "virtual",
                "product": {
                  "name": "Dell NetWorker virtual",
                  "product_id": "T034583",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:virtual"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "EMC Avamar",
            "product": {
              "name": "EMC Avamar",
              "product_id": "T014381",
              "product_identification_helper": {
                "cpe": "cpe:/a:emc:avamar:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "EMC"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "840",
                "product": {
                  "name": "IBM FlashSystem 840",
                  "product_id": "T026432",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:flashsystem:840"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "900",
                "product": {
                  "name": "IBM FlashSystem 900",
                  "product_id": "T026433",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:flashsystem:900"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FlashSystem"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source CentOS",
            "product": {
              "name": "Open Source CentOS",
              "product_id": "1727",
              "product_identification_helper": {
                "cpe": "cpe:/o:centos:centos:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=7.2p2",
                "product": {
                  "name": "Open Source OpenSSH \u003c=7.2p2",
                  "product_id": "T007232"
                }
              }
            ],
            "category": "product_name",
            "name": "OpenSSH"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3",
                "product": {
                  "name": "Oracle VM 3",
                  "product_id": "T019617",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:vm:3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "VM"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "12 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Desktop 12 SP1",
                  "product_id": "T007837",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_desktop:12:sp1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Enterprise Desktop"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP4",
                  "product_id": "T007322",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:11:sp4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP1",
                  "product_id": "T007836",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:12:sp1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12 LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 LTSS",
                  "product_id": "T008429",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:12:ltss"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Enterprise Server"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-6210",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in OpenSSH. Die Schwachstelle wird dadurch verursacht, wenn lange Passw\u00f6rter (10KB) vom SSH-Daemon verarbeitet werden. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um Benutzernamen zu ermitteln und Benutzerinformationen zu lesen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T007322",
          "T015519",
          "T015518",
          "67646",
          "T008429",
          "T015516",
          "T034583",
          "T015127",
          "T007836",
          "T015126",
          "T007837",
          "T004914",
          "T014381",
          "T000126",
          "310725",
          "T019617",
          "T026433",
          "1727",
          "T026432"
        ],
        "last_affected": [
          "T007232"
        ]
      },
      "release_date": "2016-07-17T22:00:00.000+00:00",
      "title": "CVE-2016-6210"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-6210 (GCVE-0-2016-6210)

WID-SEC-W-2023-0450

Tags

Sightings

Nomenclature