Shellcodes. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openbsd:openssh\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813863\");\n script_version(\"2019-05-21T12:48:06+0000\");\n script_cve_id(\"CVE-2018-15473\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-21 12:48:06 +0000 (Tue, 21 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-20 17:27:42 +0530 (Mon, 20 Aug 2018)\");\n script_name(\"OpenSSH User Enumeration Vulnerability-Aug18 (Windows)\");\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_openssh_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssh/detected\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"https://0day.city/cve-2018-15473.html\");\n script_xref(name:\"URL\", value:\"https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0\");\n\n script_tag(name:\"summary\", value:\"This host is installed with openssh and\n is prone to user enumeration vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to not delaying bailout for\n an invalid authenticating user until after the packet containing the request\n has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and\n auth2-pubkey.c\");\n\n script_tag(name:\"impact\", value:\"Successfully exploitation will allow remote\n attacker to test whether a certain user exists or not (username enumeration)\n on a target OpenSSH server.\");\n\n script_tag(name:\"affected\", value:\"OpenSSH version 7.7 and prior on Windows.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.8 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less_equal(version:vers, test_version:\"7.7\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"7.8\", install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:34:23", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "edition": 1, "published": "2020-01-23T00:00:00", "title": "Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2018-1411)", "type": "openvas", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-15473"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181411", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181411", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Gâche Ou Serrure électrique, Sports Réunis Colmar Football Club, à Qui Appartient Identicar, Leupold Vx6 1-6x24 Illuminated, Dacia Traduction Roumain, Population Auxerre Et Agglomération, Cultura Toulouse Balma, Citer Deux Exemples D'utilisation De La Domotique Dans Le Domaine De La Sécurité, 10 Bonnes Raisons De Manger De La Viande, Blue Jeans Bleu Membres, Jolie Fleur Pokémon, Ne Dis Pas Synonyme, Club Lapin Alaska, Tronçonneuse Thermique Husqvarna 450 E-series - Guide 45cm, Premier Morceau Guitare, T-shirt Lacoste Polo, Clyde And Co Paris Arbitrage, L240-2 Code De L'urbanisme, Je Ne Vous Parlerai Pas D'elle Chords, Cric Hydraulique 3t Leclerc, Hava Naguila Hava, Feu D'artifice 24 Juin 2020, Gassama Nom De Famille,