Displaying 1 result from an estimated 1 matches for "crackmapexec".
2020 Jul 18
2
[Bug 3196] New: [Information Disclosure] OpenSSH_7.4p1 Raspbian-10+deb9u7 discloses OS version
...er
Status: NEW
Severity: security
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: 5990 at protonmail.com
Created attachment 3432
--> https://bugzilla.mindrot.org/attachment.cgi?id=3432&action=edit
CrackMapExec accidentally reports OS version using the paramiko library
The Raspbian-10+deb9u7 release of OpenSSH_7.4p1 sends over the
"Raspbian-10+deb9u7" text when communicating SSHD version to a client.
This is considered an Information Disclosure error, because SSHD
shouldn't disclose OS Vers...