[3.9] dropbear: User enumeration vulnerability (CVE-2018-15599)
The recv_msg_userauth_request function in svr-auth.c in Dropbear
through 2018.76 is prone to a user enumeration vulnerability because
username validity affects how fields in SSH_MSG_USERAUTH messages are
handled, a similar issue to CVE-2018-15473 in an unrelated codebase.
References:
http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html
https://nvd.nist.gov/vuln/detail/CVE-2018-15599
Patch:
https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00
(from redmine: issue id 9347, created on 2018-08-28, closed on 2018-11-08)
- Relations:
  - parent #9346 (closed)
- Changesets:
  - Revision 685fa426 by Natanael Copa on 2018-09-10T10:40:02Z:
    main/dropbear: backport security fix (CVE-2018-15599)
    fixes #9347
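
For triaging an inventory against the "through 2018.76" range in the description, here is a banner classifier, added as an example and not code from this issue, Dropbear or Alpine. It assumes the identification string has the form `SSH-2.0-dropbear_<version>` (builds may omit the version); the host names and banners in it are constructed.

```python
import re

# Last upstream release the advisory lists as affected ("through 2018.76").
LAST_AFFECTED = (2018, 76)

# Assumed banner shape: "SSH-<proto>-dropbear_<version>", version optional.
BANNER_RE = re.compile(r"^SSH-[\d.]+-dropbear(?:_(\d+(?:\.\d+)*))?")


def classify(banner):
    """Return (status, version_tuple) for one SSH identification string."""
    m = BANNER_RE.match(banner.strip())
    if m is None:
        return ("not-dropbear", None)
    if m.group(1) is None:
        # Version hidden at build time: the banner cannot answer the question.
        return ("unknown-version", None)
    version = tuple(int(part) for part in m.group(1).split("."))
    if version <= LAST_AFFECTED:
        # A distro backport (such as the changeset in this issue) keeps the
        # upstream version string, so this status means "verify the package
        # revision or changelog", not "confirmed vulnerable".
        return ("in-affected-range", version)
    return ("newer-than-affected", version)


def triage(inventory):
    """Map host -> status for an iterable of (host, banner) pairs."""
    return {host: classify(banner)[0] for host, banner in inventory}


# Constructed sample inventory (hypothetical hosts, hand-written banners).
SAMPLE_INVENTORY = [
    ("host-a", "SSH-2.0-dropbear_2018.76"),
    ("host-b", "SSH-2.0-dropbear_0.52"),
    ("host-c", "SSH-2.0-dropbear_2019.77"),
    ("host-d", "SSH-2.0-dropbear"),
    ("host-e", "SSH-2.0-OpenSSH_7.7"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```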