Vulnerability Details : CVE-2016-6515
Potential exploit
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
Vulnerability category: Denial of service
Products affected by CVE-2016-6515
- cpe:2.3:a:openbsd:openssh:*:p2:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Threat overview for CVE-2016-6515
Top countries where our scanners detected CVE-2016-6515
Top open port discovered on systems with this issue
22
IPs affected by CVE-2016-6515 2,885,124
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2016-6515!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2016-6515
84.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-6515
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-6515
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-6515
-
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:06.openssh.asc
-
http://www.securitytracker.com/id/1036487
OpenSSH Bugs Let Remote Users Deny Service and Obtain Potentially Sensitive Timing Information and Let Local Users Gain Elevated Privileges - SecurityTracker
-
http://openwall.com/lists/oss-security/2016/08/01/2
oss-security - Announce: OpenSSH 7.3 releasedThird Party Advisory;VDB Entry
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03779en_us
HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service
-
https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf
-
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Oracle Critical Patch Update - October 2017
-
https://access.redhat.com/errata/RHSA-2017:2029
RHSA-2017:2029 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/92212
OpenSSH CVE-2016-6515 Denial of Service Vulnerability
-
https://www.exploit-db.com/exploits/40888/
OpenSSH 7.2 - Denial of Service
-
https://security.netapp.com/advisory/ntap-20171130-0003/
CVE-2016-6515 OpenSSH Vulnerability in NetApp Products | NetApp Product Security
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2L6RW34VFNXYNVVN2CN73YAGJ5VMTFU/
[SECURITY] Fedora 24 Update: openssh-7.2p2-12.fc24 - package-announce - Fedora Mailing-ListsThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X2L6RW34VFNXYNVVN2CN73YAGJ5VMTFU/
[SECURITY] Fedora 24 Update: openssh-7.2p2-12.fc24 - package-announce - Fedora Mailing-Lists
-
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
-
https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
[SECURITY] [DLA 1500-1] openssh security update
-
http://packetstormsecurity.com/files/140070/OpenSSH-7.2-Denial-Of-Service.html
OpenSSH 7.2 Denial Of Service ≈ Packet Storm
-
https://github.com/openssh/openssh-portable/commit/fcd135c9df440bcd2d5870405ad3311743d78d97
upstream commit · openssh/openssh-portable@fcd135c · GitHubIssue Tracking;Patch
Jump to