Mitigate timing differences in password authentication that could be
used to discern valid from invalid account names when long passwords
were sent and particular password hashing algorithms are in use on the
server. Reported by EddieEzra.Harari at verint.com

OSVersionArchitecturePackageVersionFilename
anyanyanyopenssh< 7.3p1-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
any	any	any	openssh	< 7.3p1-1	UNKNOWN

References

seclists.org/fulldisclosure/2016/Jul/51

www.openssh.com/txt/release-7.3

access.redhat.com/security/cve/CVE-2016-6210

veracode 1

f5 1

nvd 1

openvas 19

nessus 32

centos 2

packetstorm 2

ibm 22

cvelist 1

osv 3

redhatcve 1

debiancve 1

prion 1

fedora 1

cve 1

debian 3

redhat 2

exploitpack 2

zdt 2

hackerone 1

paloalto 1

oraclelinux 3

ubuntucve 1

alpinelinux 1

exploitdb 2

cloudfoundry 1

freebsd 1

slackware 1

ubuntu 1

checkpoint_advisories 1

aix 1

altlinux 3

symantec 1

mageia 1

gentoo 1

amazon 1

rosalinux 1

ics 1

veracode

Information Disclosure

2019-01-15 09:20:13

K14845276 : OpenSSH vulnerability CVE-2016-6210

2016-12-23 00:00:00

nvd

CVE-2016-6210

2017-02-13 17:59:00

openvas

Debian: Security Advisory (DLA-578-1)

2023-03-08 00:00:00

RedHat Update for openssh RHSA-2017:2563-01

2017-09-01 00:00:00

Debian: Security Advisory (DSA-3626-1)

2016-08-02 00:00:00

nessus

EulerOS 2.0 SP1 : openssh (EulerOS-SA-2017-1189)

2017-09-08 00:00:00

Debian DSA-3626-1 : openssh - security update

2016-07-25 00:00:00

Debian DLA-578-1 : openssh security update

2016-08-01 00:00:00

centos

openssh, pam_ssh_agent_auth security update

2017-08-31 18:50:28

openssh, pam_ssh_agent_auth security update

2017-08-24 01:40:16

packetstorm

OpenSSHD 7.2p2 User Enumeration

2016-07-18 00:00:00

OpenSSHD 7.2p2 User Enumeration

2016-07-21 00:00:00

ibm

Security Bulletin: Vulnerability in OpenSSH affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware.

2019-01-31 02:25:02

Security Bulletin: Vulnerability in OpenSSH affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-6210)

2019-01-31 02:25:02

Security Bulletin: Multiple vulnerabilities in OpenSSH affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

2023-03-29 01:48:02

cvelist

CVE-2016-6210

2017-02-13 00:00:00

osv

openssh - security update

2016-07-30 00:00:00

CVE-2016-6210

2017-02-13 17:59:00

openssh - security update

2016-07-24 00:00:00

redhatcve

CVE-2016-6210

2016-07-18 09:18:22

debiancve

CVE-2016-6210

2017-02-13 17:59:00

prion

Design/Logic Flaw

2017-02-13 17:59:00

fedora

[SECURITY] Fedora 24 Update: openssh-7.2p2-10.fc24

2016-07-20 17:50:40

cve

CVE-2016-6210

2017-02-13 17:59:00

debian

[SECURITY] [DSA 3626-1] openssh security update

2016-07-24 09:19:18

[SECURITY] [DSA 3626-1] openssh security update

2016-07-24 09:19:18

[SECURITY] [DLA 578-1] openssh security update

2016-07-30 21:40:46

redhat

(RHSA-2017:2563) Moderate: openssh security update

2017-08-31 13:09:34

(RHSA-2017:2029) Moderate: openssh security, bug fix, and enhancement update

2017-08-01 05:57:17

exploitpack

OpenSSHd 7.2p2 - Username Enumeration

2016-07-18 00:00:00

OpenSSH 7.2p2 - Username Enumeration

2016-07-20 00:00:00

zdt

OpenSSHd 7.2p2 - Username Enumeration (2)

2016-07-20 00:00:00

OpenSSHd 7.2p2 - Username Enumeration (1)

2016-07-18 00:00:00

hackerone

Nextcloud: Password authentication at newsletter.nextcloud.com discloses username list

2019-01-08 09:59:42

paloalto

OpenSSH Vulnerability

2016-11-17 17:02:00

oraclelinux

openssh security update

2017-08-31 00:00:00

openssh security update

2023-08-11 00:00:00

openssh security, bug fix, and enhancement update

2017-08-07 00:00:00

ubuntucve

CVE-2016-6210

2016-07-18 00:00:00

alpinelinux

CVE-2016-6210

2017-02-13 17:59:00

exploitdb

OpenSSH 7.2p2 - Username Enumeration

2016-07-20 00:00:00

OpenSSHd 7.2p2 - Username Enumeration

2016-07-18 00:00:00

cloudfoundry

USN-3061-1 OpenSSH vulnerability | Cloud Foundry

2016-08-25 00:00:00

freebsd

openssh -- sshd -- remote valid user discovery and PAM /bin/login attack

2016-08-01 00:00:00

slackware

[slackware-security] openssh

2016-08-06 21:10:35

ubuntu

OpenSSH vulnerabilities

2016-08-15 00:00:00

checkpoint_advisories

Multiple SSH Initial Connection Requests (CVE-2003-0190; CVE-2006-5229; CVE-2016-6210)

2011-03-29 00:00:00

aix

AIX OpenSSH Vulnerability

2016-09-08 14:36:37

altlinux

Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.3

2016-10-20 00:00:00

Security fix for the ALT Linux 8 package openssh version 7.2p2-alt2

2016-10-21 00:00:00

Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.3

2016-10-20 00:00:00

symantec

SA136 : OpenSSH Vulnerabilities

2016-12-13 08:00:00

mageia

Updated openssh packages fix security vulnerability

2016-08-31 18:32:33

gentoo

OpenSSH: Multiple vulnerabilities

2016-12-07 00:00:00

amazon

Medium: openssh

2017-10-03 11:00:00

rosalinux

Advisory ROSA-SA-2021-1938

2021-07-02 17:38:20

ics

Siemens SCALANCE X-200RNA Switch Devices

2022-12-19 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.107 Low

EPSS

Percentile

95.1%

JSON

Related for ASA-201608-1