← voltar
CVE-2009-1293

CVE-2009-1293

EPSS 1.8%
The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://secunia.com/advisories/34714https://www.sec-consult.com/files/20090415-0-novell-teaming.txthttp://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7002997&sliceId=1&docTypeID=DT_TID_1_1&dialogID=33090060&stateId=1%200%2033084737http://www.securityfocus.com/archive/1/502704/100/0/threadedhttp://www.securityfocus.com/bid/34531http://www.securitytracker.com/id?1022063http://www.vupen.com/english/advisories/2009/1048