[3.6] dropbear: User enumeration vulnerability (CVE-2018-15599)
The recv_msg_userauth_request function in svr-auth.c in Dropbear
through 2018.76 is prone to a user enumeration vulnerability because
username validity affects how fields in SSH_MSG_USERAUTH messages are
handled, a similar issue to CVE-2018-15473 in an unrelated codebase.
References:
http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html
https://nvd.nist.gov/vuln/detail/CVE-2018-15599
Patch:
https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00
(from redmine: issue id 9350, created on 2018-08-28, closed on 2018-11-08)
- Relations:
- copied_to #9346 (closed)
- parent #9346 (closed)
- Changesets:
- Revision 8e0dfd98 on 2018-11-07T10:32:50Z:
main/dropbear: security fix (CVE-2018-15599)
Fixes #9350
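
The bug class described above, as a simplified model with a regression check (an added example, not Dropbear's code and not part of the original issue). The request layout, the account "alice"/"pw", and all function names are hypothetical; the two handlers differ only in whether the username check happens before or after the remaining fields are parsed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum outcome { AUTH_SUCCESS, AUTH_FAILURE, DISCONNECT_MALFORMED };

/* Constructed stand-in for a userauth request: username plus the raw
 * method-specific bytes (4-byte big-endian length, then a password). */
struct request { const char *user; const unsigned char *fields; size_t len; };
typedef enum outcome (*handler_fn)(const struct request *);

/* Hypothetical account database with one user, "alice" / "pw". */
static int user_exists(const char *u) { return strcmp(u, "alice") == 0; }

/* Returns 0 and sets pw and n when the length prefix matches the payload. */
static int parse_fields(const struct request *r, const unsigned char **pw, size_t *n) {
    if (r->len < 4) return -1;
    uint32_t l = (uint32_t)r->fields[0] << 24 | (uint32_t)r->fields[1] << 16 |
                 (uint32_t)r->fields[2] << 8 | r->fields[3];
    if (l != r->len - 4) return -1;
    *pw = r->fields + 4; *n = l;
    return 0;
}
static enum outcome check(int valid, const unsigned char *pw, size_t n) {
    return (valid && n == 2 && memcmp(pw, "pw", 2) == 0) ? AUTH_SUCCESS : AUTH_FAILURE;
}
/* Flawed order: an unknown user is rejected before the fields are parsed. */
enum outcome handle_early_reject(const struct request *r) {
    const unsigned char *pw; size_t n;
    if (!user_exists(r->user)) return AUTH_FAILURE;
    if (parse_fields(r, &pw, &n) < 0) return DISCONNECT_MALFORMED;
    return check(1, pw, n);
}
/* Corrected order: parse every field first, fail unknown users afterwards. */
enum outcome handle_deferred_reject(const struct request *r) {
    const unsigned char *pw; size_t n;
    int valid = user_exists(r->user);
    if (parse_fields(r, &pw, &n) < 0) return DISCONNECT_MALFORMED;
    return check(valid, pw, n);
}
/* Regression check: with wrong credentials, the outcome must be identical
 * for an existing and a non-existing username. */
int leaks_user_validity(handler_fn h, const unsigned char *f, size_t len) {
    struct request known = { "alice", f, len }, unknown = { "nobody", f, len };
    return h(&known) != h(&unknown);
}
/* Constructed inputs: inconsistent length prefix, and well-formed wrong password. */
static const unsigned char BAD_LEN[] = { 0, 0, 0, 9, 'x' };
static const unsigned char WRONG_PW[] = { 0, 0, 0, 1, 'x' };
int main(void) {
    printf("early reject leaks: %d\n", leaks_user_validity(handle_early_reject, BAD_LEN, sizeof BAD_LEN));
    printf("deferred reject leaks: %d\n", leaks_user_validity(handle_deferred_reject, BAD_LEN, sizeof BAD_LEN));
    return 0;
}
```

A check of this shape belongs in the test suite of any authentication handler, so that a later refactor cannot reintroduce an early return on the username.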