CVE-2009-1273
- Source
- https://cve.org/CVERecord?id=CVE-2009-1273
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-1273.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2009-1273
- Downstream
- Related
- Published
- 2009-04-08T18:30:00Z
- Modified
- 2026-02-04T02:32:06.795980Z
- Summary
- [none]
- Details
-
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
- References