Bug 263579 (CVE-2009-1273) - <sys-auth/pam_ssh-1.97: Information disclosure if pam compiled with USE=ssh (usernames can be verified) (CVE-2009-1273)
Summary: <sys-auth/pam_ssh-1.97: Information disclosure if pam compiled with USE=ssh (...
Alias: CVE-2009-1273
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
Whiteboard: B4 [noglsa]
Depends on:
Reported: 2009-03-24 09:44 UTC by Kai Krakow
Modified: 2014-05-31 20:06 UTC (History)

See Also:
Package list:
Runtime testing required: ---

A proposed patch to the brute-force username enumeration vulnerability. (pam_ssh-1.97.patch,1.47 KB, patch)
2009-06-11 22:33 UTC, Mansour Moufid

Description Kai Krakow 2009-03-24 09:44:22 UTC
I discovered that a brute force scanner could easily detect existing users by checking the ssh service if pam was compiled with USE=ssh.

When you try to connect to ssh on a pam[+ssh] enabled server, the ssh client will show just "Password:" as prompt for non-existing users while it displays "SSH passphrase:" for existing users.

Not sure if this should be fixed in pam or ssh. Probably in pam, as a local login prompt shows the same behaviour.

Reproducible: Always

Steps to Reproduce:
1. Compile pam with USE="ssh"
2. Merge configs and restart sshd
3. Try to login with bad username via ssh
Actual Results:  
Prompt "Password" is shown instead of "SSH passphrase" which would be shown if the user existed.

Expected Results:  
Make no difference in prompt - whether the user exists or not. Otherwise this behaviour may be exploitable to support brute force/dictionary attacks.

This behaviour enables attackers to verify the existence of users, which services usually try to hide from remote connections (e.g. proftpd with mod_delay; sshd still asks for a password independently of whether the user exists, etc.). It should be fixed.
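The following is an added illustration of the defect class described in this report and of the uniform-prompt fix; it is not pam_ssh code and does not reproduce the module's real conversation logic. The account table, the function names (prompt_vulnerable, prompt_fixed, authenticate_fixed, prompt_leaks_existence) and the result codes are constructed for the example. It shows the vulnerable pattern (prompt text chosen after the user lookup) beside the corrected pattern (one prompt for everyone, lookup and failure reporting only after the secret has been collected), plus a regression check that tells the two apart.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the system user database (what getpwnam() would answer);
 * sample data for the example, not real accounts. */
struct account { const char *name; const char *passphrase; };
static const struct account ACCOUNTS[] = {
    { "alice", "correct horse battery staple" },
    { "bob",   "hunter2" },
};
static const size_t NUM_ACCOUNTS = sizeof ACCOUNTS / sizeof ACCOUNTS[0];

static const struct account *lookup(const char *user) {
    for (size_t i = 0; i < NUM_ACCOUNTS; i++)
        if (strcmp(ACCOUNTS[i].name, user) == 0) return &ACCOUNTS[i];
    return NULL;
}

/* Bug class from the report (hypothetical helper): the prompt text depends on
 * whether the lookup succeeded, so the prompt itself is an existence oracle. */
const char *prompt_vulnerable(const char *user) {
    return lookup(user) != NULL ? "SSH passphrase: " : "Password: ";
}

/* Corrected pattern: the identical prompt is issued whether or not the account exists. */
const char *prompt_fixed(const char *user) {
    (void)user;
    return "SSH passphrase: ";
}

/* Result codes, mirroring PAM's notion of success versus a generic authentication failure. */
enum { AUTH_OK = 0, AUTH_FAIL = 1 };

/* Fixed flow: prompt first (uniformly), look the user up only after the secret is in hand,
 * and return the same generic failure for an unknown user and for a wrong passphrase.
 * 'shown' receives the prompt the client saw so a test can compare it across users. */
int authenticate_fixed(const char *user, const char *secret, const char **shown) {
    *shown = prompt_fixed(user);
    const struct account *acct = lookup(user);
    if (acct == NULL) return AUTH_FAIL;
    /* Plain strcmp on a constructed secret; a real module compares against a hash. */
    return strcmp(acct->passphrase, secret) == 0 ? AUTH_OK : AUTH_FAIL;
}

/* Regression check: run one known and one unknown name through a prompt function
 * and report whether the prompt differs (true means an existence oracle is present). */
bool prompt_leaks_existence(const char *(*prompt)(const char *)) {
    const char *known = prompt("alice");
    const char *unknown = prompt("no-such-user-zz");
    return strcmp(known, unknown) != 0;
}

int main(void) {
    printf("vulnerable prompt leaks existence: %s\n",
           prompt_leaks_existence(prompt_vulnerable) ? "yes" : "no");
    printf("fixed prompt leaks existence:      %s\n",
           prompt_leaks_existence(prompt_fixed) ? "yes" : "no");
    const char *seen;
    int rc = authenticate_fixed("mallory", "anything", &seen);
    printf("unknown user through fixed flow -> rc=%d, prompt shown: \"%s\"\n", rc, seen);
    return 0;
}
```

The check in prompt_leaks_existence is the property the report asks for: a reviewer of any PAM conversation code can apply the same test to the module's prompt-selection function, and the fixed flow additionally keeps the failure code identical for unknown users and wrong passphrases so the outcome does not become a second oracle.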
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-04-09 12:08:50 UTC
CVE-2009-1273:
  pam_ssh 1.92 and possibly other versions, as used when PAM is
  compiled with USE=ssh, generates different error messages depending
  on whether the username is valid or invalid, which makes it easier
  for remote attackers to enumerate usernames.

Comment 2 Mansour Moufid 2009-06-11 22:33:18 UTC
Created attachment 194306
A proposed patch to the brute-force username enumeration vulnerability.

This patch should fix the vulnerability described -- which was also present in the latest version, pam_ssh-1.97.
Comment 3 Mansour Moufid 2009-07-28 00:39:20 UTC
Comment on attachment 194306
A proposed patch to the brute-force username enumeration vulnerability.

Actually, the bug was fixed in version 1.97:

> $Id: NEWS,v 1.12 2009/04/11 19:43:44 rosenauer Exp $
> Version 1.97
> ============
> SECURITY FIX: pam_ssh used a certain prompt if a user found to exist
> to ask for the SSH passphrase explicitly depending on whether the
> username was valid or invalid, which made it easier for remote
> attackers to enumerate usernames. (CVE-2009-1273)
Comment 4 Diego Elio Pettenò (RETIRED) gentoo-dev 2009-07-28 02:10:52 UTC
Thanks Mansour, version 1.97 is in tree, if security team wants to handle the bug.
Comment 5 Tobias Heinlein (RETIRED) gentoo-dev 2009-07-28 09:16:11 UTC
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2009-07-28 18:28:25 UTC
Stable for HPPA.
Comment 7 Markus Meier gentoo-dev 2009-07-29 21:16:19 UTC
amd64/x86 stable
Comment 8 Diego Elio Pettenò (RETIRED) gentoo-dev 2009-08-01 22:45:14 UTC
Please do stable 1.97-r1 rather than -r0.

Comment 9 Tobias Heinlein (RETIRED) gentoo-dev 2009-08-01 23:36:28 UTC
Re-adding arches as per comment #8 and bug 279538.
Comment 10 Markus Meier gentoo-dev 2009-08-02 10:15:59 UTC
amd64/x86 stable
Comment 11 Raúl Porcel (RETIRED) gentoo-dev 2009-08-02 10:22:04 UTC
alpha/arm/ia64/m68k/s390/sh/sparc stable
Comment 12 Jeroen Roovers (RETIRED) gentoo-dev 2009-08-02 15:01:52 UTC
Stable for HPPA.
Comment 13 Brent Baude (RETIRED) gentoo-dev 2009-08-02 15:17:26 UTC
ppc64 done
Comment 14 nixnut (RETIRED) gentoo-dev 2009-08-09 11:31:37 UTC
ppc stable
Comment 15 Robert Buchholz (RETIRED) gentoo-dev 2009-08-09 15:20:34 UTC
glsa: yes
Comment 16 Sean Amoss (RETIRED) gentoo-dev Security 2014-05-31 20:06:56 UTC
This issue has been fixed since Aug 09, 2009. No GLSA will be issued.