mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-05 06:38:06 +02:00
0xMarcio
1.9 KiB
1.9 KiB
CVE-2018-15919
Description
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
POC
Reference
Github
- https://github.com/1stPeak/CVE-2018-15473
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Hughes-Actual/Recon-Assignment-Hughes
- https://github.com/Maribel0370/Nebula-io
- https://github.com/Milkad0/DC-4_VulnHub
- https://github.com/NeoOniX/5ATTACK
- https://github.com/ProTechEx/asn
- https://github.com/ZorvithonLeo/BiG7EXploits
- https://github.com/averna-syd/Shodan
- https://github.com/bioly230/THM_Skynet
- https://github.com/firatesatoglu/iot-searchengine
- https://github.com/firatesatoglu/shodanSearch
- https://github.com/hackingyseguridad/ssha
- https://github.com/krlabs/openssh-vulnerabilities
- https://github.com/lacysw/RandScan
- https://github.com/nitefood/asn
- https://github.com/project7io/nmap
- https://github.com/rahadhasan666/ASN_IP_LOOKUP
- https://github.com/scottyscripts/protect_ya_neck_api
- https://github.com/swlacy/RandScan
- https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough
- https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough
- https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough
- https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough
- https://github.com/vshaliii/Funbox2-rookie