OpenSSH Handshake User Enumeration and Denial of Service

Strike ID: R18-mbm71
CVSS: 5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
False Positive: f
Variants: 4
Year: 2018

Description

This strike exploits a user enumeration vulnerability in OpenSSH. When processing a specially malformed authentication message, OpenSSH will crash, leading to a denial of service condition. The exploit only works if the malicious message is sent with a valid username. If the username is invalid, OpenSSH will not crash and will send back an authentication failure message. If it does crash, however, no message will be received and the connection will be closed. An attacker can therefore send specially crafted authentication messages and watch for connections that close with no error message to verify whether usernames exist. Note: this strike does not send actual encrypted messages. Detection would be based on whether or not a second encrypted server reply occurs before the session is terminated.
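The detection idea in the last sentence, sketched as an added example (it is not part of the strike or of OpenSSH): flag sessions the server closes before a second encrypted reply, then group them by source. The `SshSession` fields, the threshold and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass
class SshSession:            # hypothetical per-session summary from a network sensor
    src: str                 # client address
    client_enc: int          # encrypted client records seen after key exchange
    server_enc: int          # encrypted server records seen after key exchange
    closed_by: str           # "server" or "client"

def is_silent_close(s: SshSession) -> bool:
    # Assumption: the client's 2nd encrypted record is the authentication
    # request and the server's 2nd is its reply (1st pair = service request/accept).
    return s.client_enc >= 2 and s.server_enc < 2 and s.closed_by == "server"

def summarize(sessions, min_probes=3):
    """Sources with >= min_probes auth attempts, at least one ending silently."""
    stats = defaultdict(lambda: {"probes": 0, "silent": 0})
    for s in sessions:
        if s.client_enc >= 2:
            stats[s.src]["probes"] += 1
            stats[s.src]["silent"] += int(is_silent_close(s))
    return {src: dict(c) for src, c in stats.items()
            if c["silent"] and c["probes"] >= min_probes}

# Constructed sample records (documentation address ranges), not real traffic.
SAMPLE = [
    SshSession("198.51.100.7", 2, 2, "client"),
    SshSession("198.51.100.7", 2, 2, "client"),
    SshSession("198.51.100.7", 2, 1, "server"),   # no second reply before close
    SshSession("198.51.100.7", 2, 2, "client"),
    SshSession("203.0.113.20", 40, 38, "client"), # ordinary interactive login
    SshSession("192.0.2.9", 2, 1, "server"),      # single silent close
]

if __name__ == "__main__":
    for src, c in summarize(SAMPLE).items():
        print(f"{src}: {c['silent']} silent close(s) in {c['probes']} auth attempts")
```

A server that sends additional encrypted records right after key exchange shifts the reply count, so the threshold of two should be checked against traffic from the monitored servers.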

CVE

References

Bid