CVE-2005-4673

CVE-2005-4673

EPSS 1.4%

ioFTPD 0.5.84 u responds with different messages depending on whether or not a username exists, which allows remote attackers to enumerate valid usernames.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://www.critical.lt/?vulnerabilities/119 http://www.osvdb.org/22709 http://www.securityfocus.com/bid/15253 http://www.security.nnov.ru/Kdocument79.html