Approved changes feed: RSS · Atom

cpe:2.3:a:openbsd:openssh:3.6.1:p1:*:*:*:*:*:*

part: a version: 3.6.1 update: p1

VendorOpenbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5)
ProductOpenssh (00fc4953-faf7-5f04-8d3d-4edd44206199)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/openssh/openssh-portable purl2cpe 2026-06-01 10:17:38.303717
pkg:mindrot/openss purl2cpe 2026-06-01 10:17:38.303718
pkg:openbsd/openssh purl2cpe 2026-06-01 10:17:38.303720
pkg:rpm/fedora/openssh purl2cpe 2026-06-01 10:17:38.303721
pkg:rpm/opensuse/openssh purl2cpe 2026-06-01 10:17:38.303722

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2003-0190 vulnerable 2026-06-08 04:47:20.956129 Details available
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
Published: 2003-05-02T00:00:00.000Z
Updated: 2024-08-08T01:43:36.108Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.