[Bug 1794629] Re: CVE-2018-15473 - User enumeration vulnerability

Seth Arnold 1794629 at bugs.launchpad.net
Mon Apr 1 22:53:55 UTC 2019


Root, version 1:7.6p1-4ubuntu0.1 included the fix for CVE-2018-15473.

Version 1:7.6p1-4ubuntu0.2 is included in the disc image ubuntu-18.04.2-server-amd64:

$ sha256sum ubuntu-18.04.2-server-amd64.iso 
a2cb36dc010d98ad9253ea5ad5a07fd6b409e3412c48f1860536970b073c98f5  ubuntu-18.04.2-server-amd64.iso
$ bsdtar tf ubuntu-18.04.2-server-amd64.iso | grep openssh
pool/main/o/openssh
pool/main/o/openssh/openssh-client-udeb_7.6p1-4ubuntu0.2_amd64.udeb
pool/main/o/openssh/openssh-client_7.6p1-4ubuntu0.2_amd64.deb
pool/main/o/openssh/openssh-server-udeb_7.6p1-4ubuntu0.2_amd64.udeb
pool/main/o/openssh/openssh-server_7.6p1-4ubuntu0.2_amd64.deb
pool/main/o/openssh/openssh-sftp-server_7.6p1-4ubuntu0.2_amd64.deb
pool/main/o/openssh/ssh_7.6p1-4ubuntu0.2_all.deb

1:7.6p1-4ubuntu0.2 includes the fix from 1:7.6p1-4ubuntu0.1 and fixes three more CVEs:
- CVE-2018-20685
- CVE-2019-6109
- CVE-2019-6111

During the install, you have the option of downloading and installing updates. These additional updates include openssh version 1:7.6p1-4ubuntu0.3 which includes additional fixes for one CVE:
- CVE-2019-6111

Thanks

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20685

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-6109

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-6111

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1794629

Title:
  CVE-2018-15473 - User enumeration vulnerability

Status in openssh package in Ubuntu:
  Fix Released
Status in openssh source package in Trusty:
  Fix Released
Status in openssh source package in Xenial:
  Fix Released
Status in openssh source package in Bionic:
  Fix Released
Status in openssh source package in Cosmic:
  Fix Released

Bug description:
  https://nvd.nist.gov/vuln/detail/CVE-2018-15473

  OpenSSH through 7.7 is prone to a user enumeration vulnerability due
  to not delaying bailout for an invalid authenticating user until after
  the packet containing the request has been fully parsed, related to
  auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

  Fixed in Debian: https://www.debian.org/security/2018/dsa-4280

  Currently pending triage? https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15473.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1794629/+subscriptions
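As an added check (example code written for this note, not code from the openssh package or the Launchpad thread): a dpkg-style version comparison that maps the package versions in the bsdtar listing above onto the CVE fix versions stated in this thread. The fix table is taken from the thread with the common 1: epoch dropped, since pool filenames never carry an epoch; the package-name and path handling is an assumption about the listing format shown.

```python
import re
from itertools import zip_longest

# Fix versions as given in this thread, with the shared 1: epoch dropped because pool filenames
# never carry an epoch; CVE-2019-6111 is pinned to 0.3, which the thread says adds a further fix.
FIXED_IN = {
    "CVE-2018-15473": "7.6p1-4ubuntu0.1",
    "CVE-2018-20685": "7.6p1-4ubuntu0.2",
    "CVE-2019-6109": "7.6p1-4ubuntu0.2",
    "CVE-2019-6111": "7.6p1-4ubuntu0.3",
}

def _order(c):
    # dpkg character weight: end-of-string and digits 0, letters by code point,
    # '~' before everything (so 1.0~rc1 < 1.0), other symbols after all letters
    if not c or c.isdigit():
        return 0
    return ord(c) if c.isalpha() else -1 if c == "~" else ord(c) + 256

def _verrevcmp(a, b):
    # dpkg's comparison of two upstream-version or revision strings: alternating runs of
    # non-digits (compared character-wise by _order) and digits (compared numerically)
    runs_a, runs_b = re.findall(r"(\D*)(\d*)", a), re.findall(r"(\D*)(\d*)", b)
    for (ta, da), (tb, db) in zip_longest(runs_a, runs_b, fillvalue=("", "")):
        for x, y in zip_longest(ta, tb, fillvalue=""):
            if _order(x) != _order(y):
                return _order(x) - _order(y)
        if int(da or 0) != int(db or 0):
            return int(da or 0) - int(db or 0)
    return 0

def compare_versions(a, b):
    """dpkg ordering of [epoch:]upstream[-revision]: negative if a < b, zero if equal, else positive."""
    def split(v):  # a missing epoch counts as 0, a missing revision as 0
        epoch, _, rest = v.partition(":") if ":" in v else ("0", "", v)
        up, _, rev = rest.rpartition("-") if "-" in rest else (rest, "", "0")
        return int(epoch), up, rev
    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    return (ea - eb) or _verrevcmp(ua, ub) or _verrevcmp(ra, rb)

def package_version(path):
    """(package, version) from a pool filename such as the bsdtar lines quoted above."""
    m = re.match(r"([^_/]+)_([^_]+)_[^_]+\.u?deb$", path.rsplit("/", 1)[-1])
    return (m.group(1), m.group(2)) if m else None

def unfixed_cves(version, fixed_in=FIXED_IN):
    """CVEs from the table whose fix landed in a version newer than the one given."""
    return sorted(c for c, fix in fixed_in.items() if compare_versions(version, fix) < 0)
```

Feeding the openssh-server line from the ISO listing through `package_version` and `unfixed_cves` reports only CVE-2019-6111 as still pending, matching the thread's note that its additional fix arrives with the post-install update to 0.3.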
