A Feature Request

Devang Modi devang at teaksi.com
Mon May 29 20:59:42 AEST 2017


Dear Sir,

I wish to highlight a security limitation for OpenSSH/PAM.

Issue is attached with openssh-server-5.3p1-122.el6.x86_64
and pam-1.1.1-24.el6.x86_64. Or Both.

*Description of Issue:*

When some unknown visitor tries to open SSH connection and does not submit
password, */var/log/secure* log file is not logging source IP.

In absence of such information (IP) it will be tough to find and block such
visitor.

In case of DDoS attack, were attacker is not giving password but just
establishing connection on SSH, administrator become helpless.

But in same kind of attack or attempt , if unknown visitor submit password
string, openssh logs IP in /var/log/secure log file under name called rhost.

Kindly confirm and possible register this as a feature request.

thanks
Devang



---------- Forwarded message ----------
From: CVE Request <CVE-Request at mitre.org>
Date: Fri, May 19, 2017 at 6:00 PM
Subject: CVE Request 336279 for CVE ID Request
To: "devang at teaksi.com" <devang at teaksi.com>


Thank you for your submission. It will be reviewed by a CVE Assignment Team
member.





Changes, additions, or updates to your request can be sent to the CVE Team
by replying directly to this email.



Please do not change the subject line, which allows us to effectively track
your request.



CVE Assignment Team

M/S M300, 202 Burlington Road, Bedford, MA 01730 USA

[A PGP key is available for encrypted communications at

http://cve.mitre.org/cve/request_id.html]







{CMI: MCID920225}







-- 
Devang Modi
DBA, SCJP, RHCSA, RHCE
(91-79-40077845, 91-9377012569)



-- 
Devang Modi
DBA, SCJP, RHCSA, RHCE
(91-79-40077845, 91-9377012569)


More information about the openssh-unix-dev mailing list