CVE-2007-2768 OpenSSH when using OPIE (One-Time Passwords in Everything) for PAM allows remote attackers to determine the existence of certain user accounts which displays a different response if the user account exists and is configured to use one-time passwords (OTP) a similar issue to CVE-2007-2243.

Posted on by No Comments ↓

This post has been republished via RSS; it originally appeared at: MSRC Security Update Guide.

Information published.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.