CVE-2002-1064

CVE-2002-1064

EPSS 2.3%

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html http://www.iss.net/security_center/static/9688.php http://www.securityfocus.com/bid/5326