CVE-2007-2243

The MITRE CVE dictionary describes this issue as:

OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483.

Find out more about CVE-2007-2243 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not vulnerable. The OpenSSH packages as shipped with Red Hat Enterprise Linux do not contain S/KEY support.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.