← back
CVE-2009-1293

CVE-2009-1293

EPSS 1.8%
The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/34714https://www.sec-consult.com/files/20090415-0-novell-teaming.txthttp://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7002997&sliceId=1&docTypeID=DT_TID_1_1&dialogID=33090060&stateId=1%200%2033084737http://www.securityfocus.com/archive/1/502704/100/0/threadedhttp://www.securityfocus.com/bid/34531http://www.securitytracker.com/id?1022063http://www.vupen.com/english/advisories/2009/1048