OPIE w/ OpenSSH Account Enumeration

medium Nessus Plugin ID 17705

Synopsis

The remote host is susceptible to an information disclosure attack.

Description

When using OPIE for PAM and OpenSSH, it is possible for remote attackers to determine the existence of certain user accounts.

Note that Nessus has not tried to exploit the issue, but rather only checked if OpenSSH is running on the remote host. As a result, it does not detect if the remote host actually has OPIE for PAM installed.

Solution

A patch currently does not exist for this issue. As a workaround, ensure that OPIE for PAM is not installed.

See Also

https://seclists.org/fulldisclosure/2007/Apr/634

Plugin Details

Severity: Medium

ID: 17705

File Name: openssh_opie.nasl

Version: 1.6

Type: remote

Family: Misc.

Published: 11/18/2011

Updated: 3/27/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:openbsd:openssh

Required KB Items: Settings/PCI_DSS, installed_sw/OpenSSH

Vulnerability Publication Date: 4/21/2007

Reference Information

CVE: CVE-2007-2768