VYPR

Pam SSH

by Andrew J.korty

CVEs (1)

  • CVE-2009-1273Apr 8, 2009
    risk 0.00cvss epss 0.01

    pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.