A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses.

References

bugzilla.redhat.com/show_bug.cgi?id=1357442

veracode 1

f5 1

nvd 1

openvas 19

nessus 32

centos 2

packetstorm 2

ibm 22

cvelist 1

osv 3

debiancve 1

prion 1

archlinux 1

fedora 1

cve 1

debian 3

redhat 2

exploitpack 2

zdt 2

hackerone 1

paloalto 1

oraclelinux 3

ubuntucve 1

alpinelinux 1

exploitdb 2

cloudfoundry 1

freebsd 1

slackware 1

ubuntu 1

checkpoint_advisories 1

aix 1

altlinux 3

symantec 1

mageia 1

gentoo 1

amazon 1

rosalinux 1

ics 1

veracode

Information Disclosure

2019-01-15 09:20:13

K14845276 : OpenSSH vulnerability CVE-2016-6210

2016-12-23 00:00:00

nvd

CVE-2016-6210

2017-02-13 17:59:00

openvas

Debian: Security Advisory (DLA-578-1)

2023-03-08 00:00:00

RedHat Update for openssh RHSA-2017:2563-01

2017-09-01 00:00:00

Debian: Security Advisory (DSA-3626-1)

2016-08-02 00:00:00

nessus

EulerOS 2.0 SP1 : openssh (EulerOS-SA-2017-1189)

2017-09-08 00:00:00

Debian DSA-3626-1 : openssh - security update

2016-07-25 00:00:00

Debian DLA-578-1 : openssh security update

2016-08-01 00:00:00

centos

openssh, pam_ssh_agent_auth security update

2017-08-31 18:50:28

openssh, pam_ssh_agent_auth security update

2017-08-24 01:40:16

packetstorm

OpenSSHD 7.2p2 User Enumeration

2016-07-18 00:00:00

OpenSSHD 7.2p2 User Enumeration

2016-07-21 00:00:00

ibm

Security Bulletin: Vulnerability in OpenSSH affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware.

2019-01-31 02:25:02

Security Bulletin: Vulnerability in OpenSSH affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-6210)

2019-01-31 02:25:02

Security Bulletin: Multiple vulnerabilities in OpenSSH affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

2023-03-29 01:48:02

cvelist

CVE-2016-6210

2017-02-13 00:00:00

osv

openssh - security update

2016-07-30 00:00:00

CVE-2016-6210

2017-02-13 17:59:00

openssh - security update

2016-07-24 00:00:00

debiancve

CVE-2016-6210

2017-02-13 17:59:00

prion

Design/Logic Flaw

2017-02-13 17:59:00

archlinux

openssh: information leakage

2016-08-02 00:00:00

fedora

[SECURITY] Fedora 24 Update: openssh-7.2p2-10.fc24

2016-07-20 17:50:40

cve

CVE-2016-6210

2017-02-13 17:59:00

debian

[SECURITY] [DSA 3626-1] openssh security update

2016-07-24 09:19:18

[SECURITY] [DSA 3626-1] openssh security update

2016-07-24 09:19:18

[SECURITY] [DLA 578-1] openssh security update

2016-07-30 21:40:46

redhat

(RHSA-2017:2563) Moderate: openssh security update

2017-08-31 13:09:34

(RHSA-2017:2029) Moderate: openssh security, bug fix, and enhancement update

2017-08-01 05:57:17

exploitpack

OpenSSHd 7.2p2 - Username Enumeration

2016-07-18 00:00:00

OpenSSH 7.2p2 - Username Enumeration

2016-07-20 00:00:00

zdt

OpenSSHd 7.2p2 - Username Enumeration (2)

2016-07-20 00:00:00

OpenSSHd 7.2p2 - Username Enumeration (1)

2016-07-18 00:00:00

hackerone

Nextcloud: Password authentication at newsletter.nextcloud.com discloses username list

2019-01-08 09:59:42

paloalto

OpenSSH Vulnerability

2016-11-17 17:02:00

oraclelinux

openssh security update

2017-08-31 00:00:00

openssh security update

2023-08-11 00:00:00

openssh security, bug fix, and enhancement update

2017-08-07 00:00:00

ubuntucve

CVE-2016-6210

2016-07-18 00:00:00

alpinelinux

CVE-2016-6210

2017-02-13 17:59:00

exploitdb

OpenSSH 7.2p2 - Username Enumeration

2016-07-20 00:00:00

OpenSSHd 7.2p2 - Username Enumeration

2016-07-18 00:00:00

cloudfoundry

USN-3061-1 OpenSSH vulnerability | Cloud Foundry

2016-08-25 00:00:00

freebsd

openssh -- sshd -- remote valid user discovery and PAM /bin/login attack

2016-08-01 00:00:00

slackware

[slackware-security] openssh

2016-08-06 21:10:35

ubuntu

OpenSSH vulnerabilities

2016-08-15 00:00:00

checkpoint_advisories

Multiple SSH Initial Connection Requests (CVE-2003-0190; CVE-2006-5229; CVE-2016-6210)

2011-03-29 00:00:00

aix

AIX OpenSSH Vulnerability

2016-09-08 14:36:37

altlinux

Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.3

2016-10-20 00:00:00

Security fix for the ALT Linux 8 package openssh version 7.2p2-alt2

2016-10-21 00:00:00

Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.3

2016-10-20 00:00:00

symantec

SA136 : OpenSSH Vulnerabilities

2016-12-13 08:00:00

mageia

Updated openssh packages fix security vulnerability

2016-08-31 18:32:33

gentoo

OpenSSH: Multiple vulnerabilities

2016-12-07 00:00:00

amazon

Medium: openssh

2017-10-03 11:00:00

rosalinux

Advisory ROSA-SA-2021-1938

2021-07-02 17:38:20

ics

Siemens SCALANCE X-200RNA Switch Devices

2022-12-19 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.107 Low

EPSS

Percentile

95.1%

JSON

Related for RH:CVE-2016-6210