OpenSSH is vulnerable to user enumeration attack. The issue affects all versions through 7.7. The vulnerability is tracked via CVE-2018-15473. Upon successful exploitation an attacker can test validity of usernames based on the target servers response. This information can be exploited in various ways depending upon the attackers resources, capabilities and the target scenario. PoC‘s exploiting … Continue reading “OpenSSH User name Enumeration Vulnerability : CVE-2018-15473”