1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

OpenSSH has user enumeration bug

Discussion in 'The Register' started by RSS, Jul 18, 2016.

  1. RSS

    RSS New Member Member

    Blowfish is faster than SHA256, and that's a problem when servers talk back

    A bug in OpenSSH allows an attacker to check whether user names are valid on a 'net-facing server - because the Blowfish algorithm runs faster than SHA256/SHA512.…

    Continue reading...

Share This Page