CVE-2018-15473 - OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an

CVE-2018-15473

Summary

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

References

Vulnerable Configurations

cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:p3:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:p3:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.2.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.2.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.3.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.3.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.8:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.8:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.8:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.8:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.7:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.7:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.8p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.7:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.7:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.8:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.8:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.9:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.0:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.1:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.1:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.2:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.2:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.2:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.2:p2:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.3:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.3:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.4:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.5:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.6:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.6:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.7:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.7:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.7:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:7.7:p1:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*
cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*
cpe:2.3:a:netapp:fas_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:fas_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:9.4:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:9.4:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:9.5:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:9.5:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:virtual_storage_console:7.2:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:virtual_storage_console:7.2:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:virtual_storage_console:7.2.1:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:virtual_storage_console:7.2.1:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:vasa_provider:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:vasa_provider:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storage_replication_adapter:7.2:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:storage_replication_adapter:7.2:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:storage_replication_adapter:7.2.1:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:storage_replication_adapter:7.2.1:*:*:*:*:vsphere:*:*
cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_x204rna_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_x204rna_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x204rna:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_x204rna:-:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 23-02-2023 - 23:13)
Impact:
Exploitability:

CWE

CWE-362

CAPEC

Leveraging Race Conditions
The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with his version and cause the system to read the malicious file.
Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

redhat via4

advisories

bugzilla

id	1619063
title	CVE-2018-15473 openssh: User enumeration via malformed packets in authentication requests

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment openssh is earlier than 0:5.3p1-124.el6_10
oval oval:com.redhat.rhsa:tst:20190711001
comment openssh is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884002

AND

comment openssh-askpass is earlier than 0:5.3p1-124.el6_10
oval oval:com.redhat.rhsa:tst:20190711003
comment openssh-askpass is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884004

AND

comment openssh-clients is earlier than 0:5.3p1-124.el6_10
oval oval:com.redhat.rhsa:tst:20190711005
comment openssh-clients is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884006

AND

comment openssh-ldap is earlier than 0:5.3p1-124.el6_10
oval oval:com.redhat.rhsa:tst:20190711007
comment openssh-ldap is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884008

AND

comment openssh-server is earlier than 0:5.3p1-124.el6_10
oval oval:com.redhat.rhsa:tst:20190711009
comment openssh-server is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884010

AND

comment pam_ssh_agent_auth is earlier than 0:0.9.3-124.el6_10
oval oval:com.redhat.rhsa:tst:20190711011
comment pam_ssh_agent_auth is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884012

rhsa

id	RHSA-2019:0711
released	2019-04-09
severity	Low
title	RHSA-2019:0711: openssh security update (Low)

bugzilla

id	1722446
title	openssh FIPS cipher list has an extra comma in it

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment openssh is earlier than 0:7.4p1-21.el7
oval oval:com.redhat.rhsa:tst:20192143001
comment openssh is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884002

AND

comment openssh-askpass is earlier than 0:7.4p1-21.el7
oval oval:com.redhat.rhsa:tst:20192143003
comment openssh-askpass is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884004

AND
comment openssh-cavs is earlier than 0:7.4p1-21.el7
oval oval:com.redhat.rhsa:tst:20192143005
comment openssh-cavs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20172029006

AND

comment openssh-clients is earlier than 0:7.4p1-21.el7
oval oval:com.redhat.rhsa:tst:20192143007
comment openssh-clients is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884006

AND

comment openssh-keycat is earlier than 0:7.4p1-21.el7
oval oval:com.redhat.rhsa:tst:20192143009
comment openssh-keycat is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150425008

AND
comment openssh-ldap is earlier than 0:7.4p1-21.el7
oval oval:com.redhat.rhsa:tst:20192143011
comment openssh-ldap is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884008

AND

comment openssh-server is earlier than 0:7.4p1-21.el7
oval oval:com.redhat.rhsa:tst:20192143013
comment openssh-server is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884010

AND

comment openssh-server-sysvinit is earlier than 0:7.4p1-21.el7
oval oval:com.redhat.rhsa:tst:20192143015
comment openssh-server-sysvinit is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150425014

AND

comment pam_ssh_agent_auth is earlier than 0:0.10.3-2.21.el7
oval oval:com.redhat.rhsa:tst:20192143017
comment pam_ssh_agent_auth is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120884012

rhsa

id	RHSA-2019:2143
released	2019-08-06
severity	Low
title	RHSA-2019:2143: openssh security, bug fix, and enhancement update (Low)

rpms

openssh-0:5.3p1-124.el6_10
openssh-askpass-0:5.3p1-124.el6_10
openssh-clients-0:5.3p1-124.el6_10
openssh-debuginfo-0:5.3p1-124.el6_10
openssh-ldap-0:5.3p1-124.el6_10
openssh-server-0:5.3p1-124.el6_10
pam_ssh_agent_auth-0:0.9.3-124.el6_10
openssh-0:7.4p1-21.el7
openssh-askpass-0:7.4p1-21.el7
openssh-cavs-0:7.4p1-21.el7
openssh-clients-0:7.4p1-21.el7
openssh-debuginfo-0:7.4p1-21.el7
openssh-keycat-0:7.4p1-21.el7
openssh-ldap-0:7.4p1-21.el7
openssh-server-0:7.4p1-21.el7
openssh-server-sysvinit-0:7.4p1-21.el7
pam_ssh_agent_auth-0:0.10.3-2.21.el7

refmap via4

bid	105140
confirm	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0011 https://security.netapp.com/advisory/ntap-20181101-0001/
debian	DSA-4280
exploit-db	45210 45233 45939
gentoo	GLSA-201810-03
misc	http://www.openwall.com/lists/oss-security/2018/08/15/5 https://bugs.debian.org/906236 https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0 https://www.oracle.com/security-alerts/cpujan2020.html
mlist	[debian-lts-announce] 20180821 [SECURITY] [DLA-1474-1] openssh security update
sectrack	1041487
ubuntu	USN-3809-1

Last major update

23-02-2023 - 23:13

Published

17-08-2018 - 19:29

Last modified

23-02-2023 - 23:13