[Bug 971] keyboard-interactive/pam leaks info about user existence

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Jan 20 14:29:38 EST 2005


http://bugzilla.mindrot.org/show_bug.cgi?id=971


dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




------- Additional Comments From dtucker at zip.com.au  2005-01-20 14:29 -------
This is now fixed in -current and the 3.9 branch:

 - (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about user
   existence via keyboard-interactive/pam, in conjunction with previous
   auth2-chall.c change; with Colin Watson and djm.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list