CVE Vulnerabilities

CVE-2013-4434

Published: Oct 25, 2013 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames.

Affected Software

Name Vendor Start Version End Version
Dropbear_ssh Dropbear_ssh_project * *

References