automatic module_metadata_base.json update

2018-08-20 17:36:50 -07:00 · 2018-08-20 17:36:50 -07:00 · 230433cf79
parent 2fe6bd0e98
commit 230433cf79
1 changed files with 2 additions and 2 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -23868,7 +23868,7 @@
      "Qualys",
      "wvu <wvu@metasploit.com>"
    ],
-    "description": "This module uses a malformed packet or timing attack to enumerate users on\n        an OpenSSH server.\n\n        The default action sends a malformed (truncated) SSH_MSG_USERAUTH_REQUEST\n        packet using public key authentication (must be enabled) to enumerate users.\n\n        On some versions of OpenSSH under some configurations, OpenSSH will return a\n        \"permission denied\" error for an invalid user faster than for a valid user,\n        creating an opportunity for a timing attack to enumerate users.\n\n        Testing note: invalid users were logged, while valid users were not. YMMV.",
+    "description": "This module uses a malformed packet or timing attack to enumerate users on\n        an OpenSSH server.\n\n        The default action sends a malformed (corrupted) SSH_MSG_USERAUTH_REQUEST\n        packet using public key authentication (must be enabled) to enumerate users.\n\n        On some versions of OpenSSH under some configurations, OpenSSH will return a\n        \"permission denied\" error for an invalid user faster than for a valid user,\n        creating an opportunity for a timing attack to enumerate users.\n\n        Testing note: invalid users were logged, while valid users were not. YMMV.",
    "references": [
      "CVE-2003-0190",
      "CVE-2006-5229",
@ -23884,7 +23884,7 @@
    "arch": "",
    "rport": 22,
    "targets": null,
-    "mod_time": "2018-08-20 17:10:14 +0000",
+    "mod_time": "2018-08-20 19:26:30 +0000",
    "path": "/modules/auxiliary/scanner/ssh/ssh_enumusers.rb",
    "is_install_path": true,
    "ref_name": "scanner/ssh/ssh_enumusers",