Monthly Archives: April 2003

CVE-2003-0190

CVE-2003-0190

OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist. This allows remote attackers to determine valid usernames via a…