VDB
DEBIAN-CVE-2013-4434
DEBIAN-CVE-2013-4434
PUBLISHED
Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | dropbear | 0, 0, 0 |
| Debian:11 | dropbear | 0, 0, 0 |
| Debian:14 | dropbear | 0, 0, 0 |
| Debian:12 | dropbear | 0, 0, 0 |
Timeline
- Oct 25, 2013 CVE Published
- Apr 28, 2026 CVE Updated