From 1447a6d3d415bdf509f06819ab2808dcb6fcb7d3 Mon Sep 17 00:00:00 2001
From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com>
Date: Sat, 21 Aug 2021 18:55:11 +0700
Subject: [PATCH 1/2] Update and rename network/openssh-username-enumeration.yaml to cves/2018/CVE-2018-15473.yaml
---
 cves/2018/CVE-2018-15473.yaml | 19 +++
 network/openssh-username-enumeration.yaml | 145 ----------------------
 2 files changed, 19 insertions(+), 145 deletions(-)
 create mode 100644 cves/2018/CVE-2018-15473.yaml
 delete mode 100644 network/openssh-username-enumeration.yaml
diff --git a/cves/2018/CVE-2018-15473.yaml b/cves/2018/CVE-2018-15473.yaml
new file mode 100644
index 0000000000..2ce1189af5
--- /dev/null
+++ b/cves/2018/CVE-2018-15473.yaml
@@ -0,0 +1,19 @@
+id: CVE-2018-15473
+
+info:
+ name: OpenSSH Username Enumeration
+ author: r3dg33k,daffainfo
+ description: OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
+ severity: low
+ tags: network,openssh
+ reference: https://nvd.nist.gov/vuln/detail/CVE-2018-15473
+
+network:
+ - host:
+ - "{{Hostname}}"
+ - "{{Hostname}}:22"
+
+ matchers:
+ - type: regex
+ regex:
+ - 'SSH-2.0-OpenSSH_[1-7].*'
diff --git a/network/openssh-username-enumeration.yaml b/network/openssh-username-enumeration.yaml
deleted file mode 100644
index afc5084ca3..0000000000
--- a/network/openssh-username-enumeration.yaml
+++ /dev/null
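Review bot: The matcher `'SSH-2.0-OpenSSH_[1-7].*'` in the new cves/2018/CVE-2018-15473.yaml is broader than the range the description states ("through 7.7"): it also matches 7.8 and 7.9 banners, and because `[1-7]` tests only the first digit it matches `OpenSSH_10.x` as well. A bounded pattern such as `- 'SSH-2\.0-OpenSSH_([1-6]\.[0-9]|7\.[0-7])([^0-9]|$)'` keeps results inside the affected range. The template reads only the version banner, so a match indicates a version in range rather than a confirmed finding; distribution builds that backport the fix without changing the banner would presumably still match, which is worth stating in `description`. The severity also drops from `medium` in the deleted template to `low` here with no reason given in the commit message.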
@@ -1,145 +0,0 @@ -id: openssh-username-enumeration - -info: - name: OpenSSH 2.3 < 7.7 Detection - author: r3dg33k - severity: medium - tags: network,openssh - description: OpenSSH 2.3 < 7.7 is vulnerable to username enumeration - reference: https://nvd.nist.gov/vuln/detail/CVE-2018-15473 - -network: - - host: - - "{{Hostname}}" - - "{{Hostname}}:22" - - matchers: - - type: word - words: - - "SSH-2.0-OpenSSH_7.6" - - "SSH-2.0-OpenSSH_7.6p1" - - "SSH-2.0-OpenSSH_7.5" - - "SSH-2.0-OpenSSH_7.5p1" - - "SSH-2.0-OpenSSH_7.4" - - "SSH-2.0-OpenSSH_7.4p1" - - "SSH-2.0-OpenSSH_7.3" - - "SSH-2.0-OpenSSH_7.3p1" - - "SSH-2.0-OpenSSH_7.2p2" - - "SSH-2.0-OpenSSH_7.2" - - "SSH-2.0-OpenSSH_7.2p1" - - "SSH-2.0-OpenSSH_7.1p2" - - "SSH-2.0-OpenSSH_7.1" - - "SSH-2.0-OpenSSH_7.1p1" - - "SSH-2.0-OpenSSH_7.0" - - "SSH-2.0-OpenSSH_7.0p1" - - "SSH-2.0-OpenSSH_6.9" - - "SSH-2.0-OpenSSH_6.9p1" - - "SSH-2.0-OpenSSH_6.8" - - "SSH-2.0-OpenSSH_6.8p1" - - "SSH-2.0-OpenSSH_6.7" - - "SSH-2.0-OpenSSH_6.7p1" - - "SSH-2.0-OpenSSH_6.6" - - "SSH-2.0-OpenSSH_6.6p1" - - "SSH-2.0-OpenSSH_6.5" - - "SSH-2.0-OpenSSH_6.5p1" - - "SSH-2.0-OpenSSH_6.4" - - "SSH-2.0-OpenSSH_6.4p1" - - "SSH-2.0-OpenSSH_6.3" - - "SSH-2.0-OpenSSH_6.3p1" - - "SSH-2.0-OpenSSH_6.2p2" - - "SSH-2.0-OpenSSH_6.2" - - "SSH-2.0-OpenSSH_6.2p1" - - "SSH-2.0-OpenSSH_6.1" - - "SSH-2.0-OpenSSH_6.1p1" - - "SSH-2.0-OpenSSH_6.0" - - "SSH-2.0-OpenSSH_6.0p1" - - "SSH-2.0-OpenSSH_5.9" - - "SSH-2.0-OpenSSH_5.9p1" - - "SSH-2.0-OpenSSH_5.8p2" - - "SSH-2.0-OpenSSH_5.8" - - "SSH-2.0-OpenSSH_5.8p1" - - "SSH-2.0-OpenSSH_5.7" - - "SSH-2.0-OpenSSH_5.7p1" - - "SSH-2.0-OpenSSH_5.6" - - "SSH-2.0-OpenSSH_5.6p1" - - "SSH-2.0-OpenSSH_5.5" - - "SSH-2.0-OpenSSH_5.5p1" - - "SSH-2.0-OpenSSH_5.4" - - "SSH-2.0-OpenSSH_5.4p1" - - "SSH-2.0-OpenSSH_5.3" - - "SSH-2.0-OpenSSH_5.3p1" - - "SSH-2.0-OpenSSH_5.2" - - "SSH-2.0-OpenSSH_5.2p1" - - "SSH-2.0-OpenSSH_5.1" - - "SSH-2.0-OpenSSH_5.1p1" - - "SSH-2.0-OpenSSH_5.0" - - "SSH-2.0-OpenSSH_5.0p1" - - "SSH-2.0-OpenSSH_4.9" - - 
"SSH-2.0-OpenSSH_4.9p1" - - "SSH-2.0-OpenSSH_4.8" - - "SSH-2.0-OpenSSH_4.8p1" - - "SSH-2.0-OpenSSH_4.6" - - "SSH-2.0-OpenSSH_4.6p1" - - "SSH-2.0-OpenSSH_4.7" - - "SSH-2.0-OpenSSH_4.7p1" - - "SSH-2.0-OpenSSH_4.5" - - "SSH-2.0-OpenSSH_4.5p1" - - "SSH-2.0-OpenSSH_4.4" - - "SSH-2.0-OpenSSH_4.4p1" - - "SSH-2.0-OpenSSH_4.3p2" - - "SSH-2.0-OpenSSH_4.3" - - "SSH-2.0-OpenSSH_4.3p1" - - "SSH-2.0-OpenSSH_4.2" - - "SSH-2.0-OpenSSH_4.2p1" - - "SSH-2.0-OpenSSH_4.1" - - "SSH-2.0-OpenSSH_4.1p1" - - "SSH-2.0-OpenSSH_4.0" - - "SSH-2.0-OpenSSH_4.0p1" - - "SSH-2.0-OpenSSH_3.9" - - "SSH-2.0-OpenSSH_3.9p1" - - "SSH-2.0-OpenSSH_3.8.1p1" - - "SSH-2.0-OpenSSH_3.8" - - "SSH-2.0-OpenSSH_3.8p1" - - "SSH-2.0-OpenSSH_3.7.1p2" - - "SSH-2.0-OpenSSH_3.7.1" - - "SSH-2.0-OpenSSH_3.7.1p1" - - "SSH-2.0-OpenSSH_3.7" - - "SSH-2.0-OpenSSH_3.7p1" - - "SSH-2.0-OpenSSH_3.6.1p2" - - "SSH-2.0-OpenSSH_3.6.1" - - "SSH-2.0-OpenSSH_3.6.1p1" - - "SSH-2.0-OpenSSH_3.6" - - "SSH-2.0-OpenSSH_3.6p1" - - "SSH-2.0-OpenSSH_3.5" - - "SSH-2.0-OpenSSH_3.5p1" - - "SSH-2.0-OpenSSH_3.4" - - "SSH-2.0-OpenSSH_3.4p1" - - "SSH-2.0-OpenSSH_3.3" - - "SSH-2.0-OpenSSH_3.3p1" - - "SSH-2.0-OpenSSH_3.2.3" - - "SSH-2.0-OpenSSH_3.2.3p1" - - "SSH-2.0-OpenSSH_3.2.2" - - "SSH-2.0-OpenSSH_3.2.2p1" - - "SSH-2.0-OpenSSH_3.1" - - "SSH-2.0-OpenSSH_3.1p1" - - "SSH-2.0-OpenSSH_3.0.2" - - "SSH-2.0-OpenSSH_3.0.2p1" - - "SSH-2.0-OpenSSH_3.0p1" - - "SSH-2.0-OpenSSH_3.0.1" - - "SSH-2.0-OpenSSH_3.0.1p1" - - "SSH-2.0-OpenSSH_3.0" - - "SSH-2.0-OpenSSH_3.0p1" - - "SSH-2.0-OpenSSH_2.9p2" - - "SSH-2.0-OpenSSH_2.9.9" - - "SSH-2.0-OpenSSH_2.9.9p1" - - "SSH-2.0-OpenSSH_2.9" - - "SSH-2.0-OpenSSH_2.9p1" - - "SSH-2.0-OpenSSH_2.5.2p2" - - "SSH-2.0-OpenSSH_2.5.1p2" - - "SSH-2.0-OpenSSH_2.5.1p1" - - "SSH-2.0-OpenSSH_2.3.0p1" - - "SSH-2.0-OpenSSH_2.5.2p2" - - "SSH-2.0-OpenSSH_2.5.1p2" - - "SSH-2.0-OpenSSH_2.5.1p1" - - "SSH-2.0-OpenSSH_2.3.0p1" - - "SSH-2.0-OpenSSH_2.3" \ No newline at end of file From 9cc8cd3353e5c169b3749554360dcce08510bcb2 Mon Sep 17 00:00:00 2001 
From: Prince Chaddha
Date: Sat, 21 Aug 2021 18:52:00 +0530
Subject: [PATCH 2/2] Update CVE-2018-15473.yaml
---
 cves/2018/CVE-2018-15473.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cves/2018/CVE-2018-15473.yaml b/cves/2018/CVE-2018-15473.yaml
index 2ce1189af5..d13e41671f 100644
--- a/cves/2018/CVE-2018-15473.yaml
+++ b/cves/2018/CVE-2018-15473.yaml
@@ -3,10 +3,10 @@ id: CVE-2018-15473
 info:
 name: OpenSSH Username Enumeration
 author: r3dg33k,daffainfo
- description: OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
 severity: low
- tags: network,openssh
+ description: OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
 reference: https://nvd.nist.gov/vuln/detail/CVE-2018-15473
+ tags: network,openssh,cve,cve2018
 network:
 - host: