[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-14560":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":49,"name":50,"published":51,"updated":34},14560,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":36,"public_description":37,"public_recommendation":38,"recommendation":34,"references":39,"cvssv3":42,"epss_score":43,"epss_percentile":44,"cve":45,"in_cisa_catalog":47,"date":48,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"medium","The flaw is due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c Successfully exploitation will allow remote attacker to test whether a certain user exists or not (username enumeration) on a target OpenSSH server.","OpenSSH is prone to a user enumeration vulnerability.","Update to version 7.8 or later.",[40,41],"https://0day.city/cve-2018-15473.html","https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0",5.3,0.90356,0.99602,[46],"CVE-2018-15473",false,"2018-08-17T00:00:00Z","NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.813863","OpenSSH \u003C 7.8 User Enumeration Vulnerability - Windows","2018-08-20T00:00:00Z"]