OpenSSH User Enumeration Vulnerability (CVE-2018-15473) Vulnerability Fix - Code World

OpenSSH User Enumeration Vulnerability (CVE-2018-15473) Vulnerability Fix

Language 2023-10-01 14:46:07 views: null

OpenSSH user enumeration vulnerability (CVE-2018-15473) vulnerability fixed

1 Vulnerability description
2 Bug fixes
3 related questions

1 Vulnerability description

Insert image description here

2 Bug fixes

Check the current openssh version:

[root@izr0a05u4qferpr7yfhtotz ~]# ssh -V
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
[root@izr0a05u4qferpr7yfhtotz ~]#

Download the openssh 7.8 version installation package and upload it to the server;

Unzip the installation package:

[root@izr0a05u4qferpr7yfhtoqz opt]# tar -xvf openssh-7.8p1.tar.gz

Enter the decompressed directory and start compilation and installation:

[root@izr0a05u4qferpr7yfhtoqz opt]# cd openssh-7.8p1
[root@izr0a05u4qferpr7yfhtoqz openssh-7.8p1]# ./configure
...省略过程日志...
[root@izr0a05u4qferpr7yfhtoqz openssh-7.8p1]# make
...略过程日志...
[root@izr0a05u4qferpr7yfhtoqz openssh-7.8p1]# make install

3 related questions

If the following error occurs during compilation, it means that zlib is not installed:

checking for zlib.h... no
configure: error: *** zlib.h missing - please install first or check config.log ***

Install zlib:

yum -y install zlib zlib-devel

If the following error occurs during compilation:

checking for openssl/opensslv.h... no
configure: error: *** OpenSSL headers missing - please install first or check config.log ***

Solution:

yum install openssl openssl-devel

Guess you like

Origin blog.csdn.net/weixin_46505978/article/details/131470405

OpenSSH User Enumeration Vulnerability (CVE-2018-15473) Vulnerability Fix

Remember to fix the vulnerability once (OpenSSH security vulnerability (CVE-2023-28531)) CentOS upgrade openssh

(SQL) Injection Vulnerability Fix

openssh kex.c denial of service vulnerability vulnerability (CVE-2016-8858) processing

Redis denial of service vulnerability (CVE-2023-28856) fix

Apache Roller file server-side request forgery and enumeration Vulnerability (CVE-2018-17198)

centos upgrade openssh7.4, OpenSSH Remote Code Execution Vulnerability

OpenSSH input validation error vulnerability (CVE-2019-16905) OpenSSH_9.2p1 version upgrade (CentOS7 system)

Smartbi modify user password vulnerability

How to fix ssh vulnerability and upgrade version

centos upgrade mysql8 vulnerability fix

OpenSSH code issue vulnerability (CVE-2023-38408) upgraded to the latest version

DVR login bypass vulnerability _CVE-2018-9995 vulnerability reproducibility

CVE-2018-8174 vulnerability exploitation and vulnerability reinforcement

Change source code/fix CVE-2016-1000027 vulnerability analysis in Java

Software vulnerability CVE finishing

Уязвимость перечисления пользователей OpenSSH (CVE-2018-15473) Исправление уязвимости

Уязвимость перечисления пользователей OpenSSH (CVE-2018-15473) Исправление уязвимости

Уязвимость перечисления пользователей OpenSSH (CVE-2018-15473) Исправление уязвимости

CVE-2018-15664 Vulnerability Analysis Report

CVE-2018-4878 vulnerability reproduction

weblogic (CVE-2018-2628 vulnerability reproduction)

OpenSSH_8.3-Command injection vulnerability attack and repair

File upload vulnerability (.user.ini and .htaccess)

Smartbi Built-in User Login Bypass Vulnerability

KDE Frameworks 5.61 release, fix the directory / file security vulnerability Desktop

Not fixed! Your device will be remotely controlled by hackers, experts warn to fix this vulnerability

PHP7 ZipArchive integer overflow vulnerability and its fix

Before Nacos 1.4.1, there is an authentication vulnerability, it is recommended to fix to the latest version

Upgrade sudo to 1.9.5p2, fix sudo vulnerability

Recommended

Ranking

error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘

Database migration between Navicat servers

Minimum number of rotation of the array: Array

balenaEtcher for mac (make a boot disk software) v1.5.67

Custom processing serialization and deserialization in jackson

Mu-en-mask system development software

Mastering Regular Expressions

Find mileage Java--

Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions

[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite

Daily

More

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)