ID

VAR-200305-0063


CVE

CVE-2003-0190


TITLE

OpenSSH  of  PAM  Vulnerability to timing attack in authentication

Trust: 0.8

sources: JVNDB: JVNDB-2003-000136

DESCRIPTION

OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack. Portable Edition OpenSSH If this setting is PAM If enabled in conjunction with an implementation of OpenSSH When authentication fails, the authentication result is determined depending on the existing username and non-existing username. "Permission denied, please try again." There is a vulnerability where there is a difference in the time it takes to return the .It may be possible to guess whether the username exists or not. The portable version of OpenSSH is reported prone to an information-disclosure vulnerability. The portable version is distributed for operating systems other than its native OpenBSD platform. This issue is related to BID 7467. Reportedly, the previous fix for BID 7467 didn't completely fix the issue. This current issue may involve differing code paths in PAM, resulting in a new vulnerability, but this has not been confirmed. Exploiting this vulnerability allows remote attackers to test for the presence of valid usernames. Knowledge of usernames may aid them in further attacks

Trust: 2.25

sources: NVD: CVE-2003-0190 // JVNDB: JVNDB-2003-000136 // BID: 11781 // BID: 7467 // VULMON: CVE-2003-0190

AFFECTED PRODUCTS

vendor:siemensmodel:scalance x204rna eccscope:ltversion:3.2.7

Trust: 1.0

vendor:siemensmodel:scalance x204rnascope:ltversion:3.2.7

Trust: 1.0

vendor:openpkgmodel:openpkgscope:eqversion:1.2

Trust: 1.0

vendor:openbsdmodel:opensshscope:eqversion:3.6.1

Trust: 1.0

vendor:openpkgmodel:openpkgscope:eqversion:1.3

Trust: 1.0

vendor:openbsdmodel:opensshscope:ltversion:3.6.1

Trust: 1.0

vendor:レッドハットmodel:red hat linuxscope:eqversion:7.1

Trust: 0.8

vendor:openbsdmodel:opensshscope: - version: -

Trust: 0.8

vendor:レッドハットmodel:red hat enterprise linuxscope: - version: -

Trust: 0.8

vendor:レッドハットmodel:red hat linuxscope:eqversion:7.2

Trust: 0.8

vendor:ターボリナックスmodel:turbolinux serverscope: - version: -

Trust: 0.8

vendor:レッドハットmodel:red hat linuxscope:eqversion:8.0

Trust: 0.8

vendor:レッドハットmodel:red hat linuxscope:eqversion:7.3

Trust: 0.8

vendor:レッドハットmodel:red hat linuxscope:eqversion:9

Trust: 0.8

vendor:サイバートラスト株式会社model:asianux serverscope: - version: -

Trust: 0.8

vendor:susemodel:linux enterprise serverscope:eqversion:9

Trust: 0.6

vendor:s u s emodel:linux personal x86 64scope:eqversion:9.2

Trust: 0.6

vendor:s u s emodel:linux personalscope:eqversion:9.2

Trust: 0.6

vendor:opensshmodel:p1scope:eqversion:3.6.1

Trust: 0.6

vendor:opensshmodel:p1scope:eqversion:3.5

Trust: 0.6

vendor:opensshmodel:p1scope:eqversion:3.4

Trust: 0.6

vendor:opensshmodel:p1scope:eqversion:3.1

Trust: 0.6

vendor:openbsdmodel:opensshscope:eqversion:3.4p1

Trust: 0.6

vendor:openbsdmodel:opensshscope:eqversion:3.6.1p1

Trust: 0.6

vendor:s u s emodel:linux personal x86 64scope:eqversion:9.0

Trust: 0.3

vendor:s u s emodel:linux personalscope:eqversion:9.0

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.9

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.8.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.8

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.7.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.7.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.7

Trust: 0.3

vendor:opensshmodel:.1p2scope:eqversion:3.7

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.7

Trust: 0.3

vendor:opensshmodel:p2scope:eqversion:3.6.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.6.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.5

Trust: 0.3

vendor:opensshmodel:p1-1scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.3

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.3

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.2.3

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.2.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.0.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.0.2

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.0.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.0.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.0

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.0

Trust: 0.3

vendor:ubuntumodel:linux ppcscope:eqversion:4.1

Trust: 0.3

vendor:ubuntumodel:linux ia64scope:eqversion:4.1

Trust: 0.3

vendor:ubuntumodel:linux ia32scope:eqversion:4.1

Trust: 0.3

vendor:turbolinuxmodel:workstationscope:eqversion:8.0

Trust: 0.3

vendor:turbolinuxmodel:workstationscope:eqversion:7.0

Trust: 0.3

vendor:turbolinuxmodel:workstationscope:eqversion:6.0

Trust: 0.3

vendor:turbolinuxmodel:serverscope:eqversion:8.0

Trust: 0.3

vendor:turbolinuxmodel:serverscope:eqversion:7.0

Trust: 0.3

vendor:turbolinuxmodel:serverscope:eqversion:6.5

Trust: 0.3

vendor:turbolinuxmodel:serverscope:eqversion:6.1

Trust: 0.3

vendor:turbolinuxmodel:advanced serverscope:eqversion:6.0

Trust: 0.3

vendor:s u s emodel:linux personal x86 64scope:eqversion:9.1

Trust: 0.3

vendor:s u s emodel:linux personalscope:eqversion:9.1

Trust: 0.3

vendor:opensshmodel:p2scope:neversion:3.6.1

Trust: 0.3

sources: BID: 11781 // BID: 7467 // JVNDB: JVNDB-2003-000136 // CNNVD: CNNVD-200305-021 // NVD: CVE-2003-0190

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2003-0190
value: MEDIUM

Trust: 1.0

NVD: CVE-2003-0190
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200305-021
value: MEDIUM

Trust: 0.6

VULMON: CVE-2003-0190
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2003-0190
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2003-0190 // JVNDB: JVNDB-2003-000136 // CNNVD: CNNVD-200305-021 // NVD: CVE-2003-0190

PROBLEMTYPE DATA

problemtype:CWE-203

Trust: 1.0

problemtype:Observable discrepancy (CWE-203) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2003-000136 // NVD: CVE-2003-0190

THREAT TYPE

network

Trust: 0.6

sources: BID: 11781 // BID: 7467

TYPE

Design Error

Trust: 1.2

sources: BID: 11781 // BID: 7467 // CNNVD: CNNVD-200305-021

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2003-0190

PATCH

title:RHSA-2003url:http://www.openbsd.org/

Trust: 0.8

title:Ubuntu Security Notice: openssh information leakageurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-34-1

Trust: 0.1

title:https://github.com/octane23/CASE-STUDY-1url:https://github.com/octane23/CASE-STUDY-1

Trust: 0.1

title:advisoriesurl:https://github.com/0xdea/advisories

Trust: 0.1

title:exploitsurl:https://github.com/0xdea/exploits

Trust: 0.1

sources: VULMON: CVE-2003-0190 // JVNDB: JVNDB-2003-000136

EXTERNAL IDS

db:NVDid:CVE-2003-0190

Trust: 3.9

db:BIDid:7467

Trust: 2.8

db:SIEMENSid:SSA-412672

Trust: 1.1

db:JVNDBid:JVNDB-2003-000136

Trust: 0.8

db:TURBOid:TLSA-2003-31

Trust: 0.6

db:FULLDISCid:20030430 OPENSSH/PAM TIMING ATTACK ALLOWS REMOTE USERS IDENTIFICATION

Trust: 0.6

db:BUGTRAQid:20030430 OPENSSH/PAM TIMING ATTACK ALLOWS REMOTE USERS IDENTIFICATION

Trust: 0.6

db:BUGTRAQid:20030806 [OPENPKG-SA-2003.035] OPENPKG SECURITY ADVISORY (OPENSSH)

Trust: 0.6

db:REDHATid:RHSA-2003:224

Trust: 0.6

db:REDHATid:RHSA-2003:222

Trust: 0.6

db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:445

Trust: 0.6

db:CNNVDid:CNNVD-200305-021

Trust: 0.6

db:BIDid:11781

Trust: 0.3

db:ICS CERTid:ICSA-22-349-21

Trust: 0.1

db:EXPLOIT-DBid:26

Trust: 0.1

db:VULMONid:CVE-2003-0190

Trust: 0.1

sources: VULMON: CVE-2003-0190 // BID: 11781 // BID: 7467 // JVNDB: JVNDB-2003-000136 // CNNVD: CNNVD-200305-021 // NVD: CVE-2003-0190

REFERENCES

url:http://www.securityfocus.com/bid/7467

Trust: 3.5

url:http://lists.grok.org.uk/pipermail/full-disclosure/2003-april/004815.html

Trust: 2.7

url:http://lab.mediaservice.net/advisory/2003-01-openssh.txt

Trust: 2.7

url:http://www.redhat.com/support/errata/rhsa-2003-222.html

Trust: 2.7

url:http://www.redhat.com/support/errata/rhsa-2003-224.html

Trust: 2.7

url:http://www.turbolinux.com/security/tlsa-2003-31.txt

Trust: 2.7

url:http://marc.info/?l=bugtraq&m=105172058404810&w=2

Trust: 2.1

url:http://marc.info/?l=bugtraq&m=106018677302607&w=2

Trust: 2.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a445

Trust: 2.1

url:https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Trust: 2.1

url:http://marc.theaimsgroup.com/?l=bugtraq&m=105172058404810&w=2

Trust: 1.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0190

Trust: 0.8

url:http://marc.theaimsgroup.com/?l=bugtraq&m=106018677302607&w=2

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:445

Trust: 0.6

url:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=248747

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2003-224.html

Trust: 0.3

url:http://sunsolve.sun.com/patches/linux/security.html

Trust: 0.3

url:/archive/1/320031

Trust: 0.3

url:/archive/1/320302

Trust: 0.3

url:/archive/1/320239

Trust: 0.3

url:/archive/1/320280

Trust: 0.3

url:/archive/1/320276

Trust: 0.3

url:/archive/1/320270

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/203.html

Trust: 0.1

url:https://usn.ubuntu.com/34-1/

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.exploit-db.com/exploits/26/

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21

Trust: 0.1

sources: VULMON: CVE-2003-0190 // BID: 7467 // JVNDB: JVNDB-2003-000136 // CNNVD: CNNVD-200305-021 // NVD: CVE-2003-0190

CREDITS

Marco Ivaldi※ raptor@mediaservice.net

Trust: 0.6

sources: CNNVD: CNNVD-200305-021

SOURCES

db:VULMONid:CVE-2003-0190
db:BIDid:11781
db:BIDid:7467
db:JVNDBid:JVNDB-2003-000136
db:CNNVDid:CNNVD-200305-021
db:NVDid:CVE-2003-0190

LAST UPDATE DATE

2024-11-22T20:55:57.085000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2003-0190date:2024-02-15T00:00:00
db:BIDid:11781date:2007-05-08T23:09:00
db:BIDid:7467date:2007-02-22T02:36:00
db:JVNDBid:JVNDB-2003-000136date:2024-03-04T01:48:00
db:CNNVDid:CNNVD-200305-021date:2006-03-28T00:00:00
db:NVDid:CVE-2003-0190date:2024-11-20T23:44:10.643

SOURCES RELEASE DATE

db:VULMONid:CVE-2003-0190date:2003-05-12T00:00:00
db:BIDid:11781date:2004-11-30T00:00:00
db:BIDid:7467date:2003-04-30T00:00:00
db:JVNDBid:JVNDB-2003-000136date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200305-021date:2003-04-30T00:00:00
db:NVDid:CVE-2003-0190date:2003-05-12T04:00:00