Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Bug exposes OpenSSH servers to brute-force password guessing attacks

Bug exposes OpenSSH servers to brute-force password guessing attacks

2015/07/22

IDG News Service - (International) Security researchers reported that OpenSSH servers with keyboard-interactive authentication enabled by default are vulnerable to unlimited authentication retries over a single connection, exposing users to brute-force password guessing attacks.

Source: http://www.networkworld.com/article/2951493/bug-exposes-openssh-servers-to-bruteforce-password-guessing-attacks.html

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:47