OVAL Reference oval:org.opensuse.security:def:201815919

Oval Definition:

oval:org.opensuse.security:def:201815919

Revision Date:	2020-12-01	Version:	1
Title:	CVE-2018-15919
Description:	Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-15919 SUSE-SU-2018:3540-1 SUSE-SU-2018:3686-1 SUSE-SU-2018:3768-1 SUSE-SU-2018:3776-1 SUSE-SU-2018:3776-2 SUSE-SU-2018:3781-1 openSUSE-SU-2018:3801-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11-SECURITY SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 12-LTSS	Product(s):
Definition Synopsis
Release Information SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND Package Information openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information openssh-6.6p1-54.21 is installed OR openssh-askpass-gnome-6.6p1-54.21 is installed OR openssh-fips-6.6p1-54.21 is installed OR openssh-helpers-6.6p1-54.21 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server 11-SECURITY is installed OR SUSE Linux Enterprise Server for SAP Applications 11-SECURITY is installed AND openssh-openssl1-6.6p1-19.6 is installed OR openssh-openssl1-helpers-6.6p1-19.6 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND openssh-6.6p1-36.6 is installed OR openssh-askpass-gnome-6.6p1-36.6 is installed OR openssh-fips-6.6p1-36.6 is installed OR openssh-helpers-6.6p1-36.6 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Point of Sale 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server 11-SECURITY is installed OR SUSE Linux Enterprise Server for SAP Applications 11-SECURITY is installed AND openssh-openssl1-6.6p1-19.6 is installed OR openssh-openssl1-helpers-6.6p1-19.6 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND openssh-6.6p1-36.6 is installed OR openssh-askpass-gnome-6.6p1-36.6 is installed OR openssh-fips-6.6p1-36.6 is installed OR openssh-helpers-6.6p1-36.6 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server 11-SECURITY is installed AND openssh-openssl1-6.6p1-19.6 is installed OR openssh-openssl1-helpers-6.6p1-19.6 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 11-SECURITY is installed AND openssh-openssl1-6.6p1-19.6 is installed OR openssh-openssl1-helpers-6.6p1-19.6 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND openssh-askpass-gnome-7.6p1-9.3 is installed OR Package Information SUSE Linux Enterprise Module for Basesystem 15 is installed AND openssh-7.6p1-9.3 is installed OR openssh-helpers-7.6p1-9.3 is installed OR Package Information SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND openssh-7.6p1-9.3 is installed OR openssh-cavs-7.6p1-9.3 is installed OR Package Information SUSE Linux Enterprise Module for Server Applications 15 is installed AND openssh-7.6p1-9.3 is installed OR openssh-fips-7.6p1-9.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server 11-SECURITY is installed AND openssh-openssl1-6.6p1-19.6 is installed OR openssh-openssl1-helpers-6.6p1-19.6 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 11-SECURITY is installed AND openssh-openssl1-6.6p1-19.6 is installed OR openssh-openssl1-helpers-6.6p1-19.6 is installed
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information openssh-7.6p1-lp150.8.6 is installed AND openssh is signed with openSUSE key OR openssh-askpass-gnome-7.6p1-lp150.8.6 is installed AND openssh-askpass-gnome is signed with openSUSE key OR openssh-cavs-7.6p1-lp150.8.6 is installed AND openssh-cavs is signed with openSUSE key OR openssh-fips-7.6p1-lp150.8.6 is installed AND openssh-fips is signed with openSUSE key OR openssh-helpers-7.6p1-lp150.8.6 is installed AND openssh-helpers is signed with openSUSE key
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP1-LTSS is installed OR SUSE Linux Enterprise Server 12-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 12-LTSS is installed AND Package Information openssh-6.6p1-54.18 is installed OR openssh-askpass-gnome-6.6p1-54.18 is installed OR openssh-fips-6.6p1-54.18 is installed OR openssh-helpers-6.6p1-54.18 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed AND openssh-6.2p2-0.41.8 is installed OR openssh-askpass-6.2p2-0.41.8 is installed OR openssh-askpass-gnome-6.2p2-0.41.8 is installed OR openssh-openssl1-6.6p1-19.9 is installed OR openssh-openssl1-helpers-6.6p1-19.9 is installed OR Package Information SUSE Linux Enterprise Point of Sale 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.8 is installed OR openssh-askpass-6.2p2-0.41.8 is installed OR openssh-askpass-gnome-6.2p2-0.41.8 is installed OR Package Information SUSE Linux Enterprise Server 11-SECURITY is installed OR SUSE Linux Enterprise Server for SAP Applications 11-SECURITY is installed AND openssh-openssl1-6.6p1-19.9 is installed OR openssh-openssl1-helpers-6.6p1-19.9 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND openssh-6.6p1-36.9 is installed OR openssh-askpass-gnome-6.6p1-36.9 is installed OR openssh-fips-6.6p1-36.9 is installed OR openssh-helpers-6.6p1-36.9 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed AND openssh-6.2p2-0.41.8 is installed OR openssh-askpass-6.2p2-0.41.8 is installed OR openssh-askpass-gnome-6.2p2-0.41.8 is installed OR openssh-openssl1-6.6p1-19.9 is installed OR openssh-openssl1-helpers-6.6p1-19.9 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.8 is installed OR openssh-askpass-6.2p2-0.41.8 is installed OR openssh-askpass-gnome-6.2p2-0.41.8 is installed OR Package Information SUSE Linux Enterprise Server 11-SECURITY is installed OR SUSE Linux Enterprise Server for SAP Applications 11-SECURITY is installed AND openssh-openssl1-6.6p1-19.9 is installed OR openssh-openssl1-helpers-6.6p1-19.9 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND openssh-6.6p1-36.9 is installed OR openssh-askpass-gnome-6.6p1-36.9 is installed OR openssh-fips-6.6p1-36.9 is installed OR openssh-helpers-6.6p1-36.9 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed OR openssh-openssl1-6.6p1-19.6 is installed OR openssh-openssl1-helpers-6.6p1-19.6 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND openssh-6.2p2-0.41.5 is installed OR openssh-askpass-6.2p2-0.41.5 is installed OR openssh-askpass-gnome-6.2p2-0.41.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP1-LTSS is installed OR SUSE Linux Enterprise Server 12-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 12-LTSS is installed AND Package Information openssh-6.6p1-54.21 is installed OR openssh-askpass-gnome-6.6p1-54.21 is installed OR openssh-fips-6.6p1-54.21 is installed OR openssh-helpers-6.6p1-54.21 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND openssh-fips-7.9p1-4 is installed OR Package Information SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND openssh-askpass-gnome-7.6p1-9.8 is installed OR Package Information SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND openssh-7.9p1-4 is installed OR openssh-helpers-7.9p1-4 is installed OR Package Information SUSE Linux Enterprise Module for Basesystem 15 is installed AND openssh-7.6p1-9.8 is installed OR openssh-helpers-7.6p1-9.8 is installed OR Package Information SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND openssh-7.6p1-9.8 is installed OR openssh-cavs-7.6p1-9.8 is installed OR Package Information SUSE Linux Enterprise Module for Server Applications 15 is installed AND openssh-7.6p1-9.8 is installed OR openssh-fips-7.6p1-9.8 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND openssh-fips-7.9p1-4 is installed OR Package Information SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND openssh-7.9p1-4 is installed OR openssh-helpers-7.9p1-4 is installed

BACK