CVE-2007-2768 — Vulnetix

Try Vulnetix Request Demo

CVE-2007-2768 PUBLISHED

Reported by mitre · Published May 21, 2007

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a

Timeline

May 21, 2007 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

34601 vdb-entryx_refsource_OSVDB
20070424 Re: OpenSSH - System Account Enumeration if S/Key is used mailing-listx_refsource_FULLDISC
x_refsource_CONFIRM

Open in Interactive Console →