From owner-freebsd-security@freebsd.org  Thu Apr 25 09:46:37 2019
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 86F421591F01
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Thu, 25 Apr 2019 09:46:37 +0000 (UTC) (envelope-from des@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org
 [IPv6:2610:1c1:1:606c::24b:4])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id DA386732AA;
 Thu, 25 Apr 2019 09:46:36 +0000 (UTC) (envelope-from des@freebsd.org)
Received: from next.des.no (cm-84.215.56.209.getinternet.no [84.215.56.209])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate) (Authenticated sender: des)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 930554423;
 Thu, 25 Apr 2019 09:46:36 +0000 (UTC) (envelope-from des@freebsd.org)
Received: by next.des.no (Postfix, from userid 1001)
 id 7BFB2866C; Thu, 25 Apr 2019 11:46:34 +0200 (CEST)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@FreeBSD.org>
To: Brahmanand Reddy <brahma.gdb@gmail.com>
Cc: openssh@openssh.com,  FreeBSD-security@freebsd.org
Subject: Re: POC and patch for the CVE-2018-15473
In-Reply-To: <CAKsRH7njoE9VD+gxg6ZrZ4vPT_4b9-Hnz+1b8fVeQVcjse91mQ@mail.gmail.com>
 (Brahmanand Reddy's message of "Wed, 24 Apr 2019 16:57:37 +0530")
References: <CAKsRH7mBLc3FTJ08uETkniG=wdwyaZrvpYYJAxYmj+pPRU4ibw@mail.gmail.com>
 <86mukfhfb3.fsf@next.des.no>
 <CAKsRH7njoE9VD+gxg6ZrZ4vPT_4b9-Hnz+1b8fVeQVcjse91mQ@mail.gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (berkeley-unix)
Date: Thu, 25 Apr 2019 11:46:34 +0200
Message-ID: <86ftq6to1x.fsf@next.des.no>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Rspamd-Queue-Id: DA386732AA
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.98 / 15.00]; TAGGED_RCPT(0.00)[];
 local_wl_from(0.00)[freebsd.org];
 NEURAL_HAM_SHORT(-0.98)[-0.976,0];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-Mailman-Approved-At: Thu, 25 Apr 2019 11:23:11 +0000
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Apr 2019 09:46:37 -0000

Brahmanand Reddy <brahma.gdb@gmail.com> writes:
> CVE-2018-15473 is a "user existence oracle bug which does not meet our
> criteria for security advisories".
>
> You mean this vulnerability which will impact/affects only for Oracle
> base? . kindly=C2=A0 confirm.

An oracle vulnerability is a type of information disclosure bug which
does not directly expose information but can be used to confirm guesses.
In this case, the bug allows you to confirm the existence of an account
by attempting to log into it with a random password.  It does not
actually give you a list of existing accounts, as =E2=80=9Caccount enumerat=
ion=E2=80=9D
would suggest.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@FreeBSD.org