VDB

DEBIAN-CVE-2013-4434

DEBIAN-CVE-2013-4434 PUBLISHED

Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames.

Affected Products

VendorProductVersions
Debian:13dropbear0, 0, 0
Debian:11dropbear0, 0, 0
Debian:14dropbear0, 0, 0
Debian:12dropbear0, 0, 0

Timeline

  • Oct 25, 2013 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›