CVE-2018-15599 — Sensitive Information Exposure in Dropbear

CWE-200 — Sensitive Information Exposure11 documents5 sources

Severity

5.3MEDIUMNVD

EPSS

0.5%

top 33.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dropbear SSH Project Dropbear SSH Debian Dropbear Debian Linux

Timeline

PublishedAug 21

Latest updateMay 24

Description

The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶debiandebian/dropbear< dropbear 2019.78-1 (bookworm)+1

▶Debiandropbear_ssh_project/dropbear_ssh< 2018.76-4+7

▶NVDdropbear_ssh_project/dropbear_ssh2011.54 — 2018.76+1

Also affects: Debian Linux 8.0

🔴Vulnerability Details

GHSA

GHSA-6hj9-w8vp-p698: Dropbear 2011↗2022-05-24

▶

GHSA

GHSA-g4h3-rm2q-r287: The recv_msg_userauth_request function in svr-auth↗2022-05-13

▶

OSV

CVE-2019-12953: Dropbear 2011↗2020-12-30

▶

OSV

CVE-2018-15599: The recv_msg_userauth_request function in svr-auth↗2018-08-21

▶

📋Vendor Advisories

Debian

CVE-2019-12953: dropbear - Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead...↗2019

▶

Debian

CVE-2018-15599: dropbear - The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76...↗2018

▶

💬Community

Bugzilla

CVE-2018-15599 dropbear: User enumeration via malformed packets in authentication requests [fedora-all]↗2018-08-28

▶

Bugzilla

CVE-2018-15599 dropbear: User enumeration via malformed packets in authentication requests↗2018-08-28

▶

Bugzilla

CVE-2018-15599 dropbear: User enumeration via malformed packets in authentication requests [epel-all]↗2018-08-28

▶