{"uuid": "18167f0c-ba45-44c8-9d8a-624febf8a075", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-20012", "type": "seen", "source": "https://t.me/cibsecurity/28954", "content": "\u203c CVE-2016-20012 \u203c\n\nOpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T00:22:08.000000Z"}