Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2015-5600

Disclosure Date: August 03, 2015
CVE-2015-5600
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Persistence
Techniques
Validation
Validated
Privilege Escalation
Techniques
Validation
Validated

Description

The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • openbsd

Products

  • openssh

References

Canonical
CVE-2015-5600 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600)
BID-75990 (http://www.securityfocus.com/bid/75990)
BID-91787 (http://www.securityfocus.com/bid/91787)
BID-92012 (http://www.securityfocus.com/bid/92012)
Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
USN-2710-2 (http://www.ubuntu.com/usn/USN-2710-2)
FEDORA-2015-13469 (http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html)
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128992
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
GLSA-201512-04 (https://security.gentoo.org/glsa/201512-04)
https://kc.mcafee.com/corporate/index?page=content&id=SB10136
https://security.netapp.com/advisory/ntap-20151106-0001
http://rhn.redhat.com/errata/RHSA-2016-0466.html
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c.diff?r1=1.42&r2=1.43&f=h
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10697
APPLE-SA-2015-08-13-2 (http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html)
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c
https://kc.mcafee.com/corporate/index?page=content&id=SB10157
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
https://support.apple.com/kb/HT205031
[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update (https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html)
[oss-security] 20150723 Re: CVE Request for OpenSSH vulnerability - authentication limits bypass (http://openwall.com/lists/oss-security/2015/07/23/4)
USN-2710-1 (http://www.ubuntu.com/usn/USN-2710-1)
FEDORA-2015-11981 (http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162955.html)
SECTRACK-1032988 (http://www.securitytracker.com/id/1032988)
20150717 OpenSSH keyboard-interactive authentication brute force vulnerability (MaxAuthTries bypass) (http://seclists.org/fulldisclosure/2015/Jul/92)
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
https://security.netapp.com/advisory/ntap-20151106-0001/
Miscellaneous
https://www.arista.com/en/support/advisories-notices/security-advisories/1174-security-advisory-12

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis