CVE-2007-2768 OpenSSH when using OPIE (One-Time Passwords in Everything) for PAM allows remote attackers to determine the existence of certain user accounts which displays a different response if the user account exists and is configured to use one-time passwords (OTP) a similar issue to CVE-2007-2243.
ATT&CK techniques detected
T1556.003Pluggable Authentication Modules
40%
“cve - 2007 - 2768 openssh when using opie ( one - time passwords in everything ) for pam allows remote attackers to determine the existence of certain user accounts which displays a different response if the user account exists and is configured to use one - time passwords ( otp …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Information published.