QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-1999-1231

Back to search

CVE-1999-1231

Published: Sep 12, 2001

Modified: Aug 1, 2024

PUBLISHED

Description

ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server.

VendorProductVersions

n/a

n/a

affected
n/a

References

19990609 ssh advirsory
mailing-list
x_refsource_BUGTRAQ
ssh-leak(2276)
vdb-entry
x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now