Lucene search
DebianCVELIST:CVE-2006-0599HistoryFeb 13, 2006 - 11:00 a.m.
CVE-2006-0599
2006-02-1311:00:00
debian
www.cve.org
2
The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 generate different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames.
References
bugs.debian.org/cgi-bin/bugreport.cgi/0003-r1472-Do-not-distinguish-between-invalid-user-name-and-invalid-password.txt?bug=349528%3Bmsg=15%3Batt=3
bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528
secunia.com/advisories/18783
www.debian.org/security/2006/dsa-967
www.securityfocus.com/bid/16579
exchange.xforce.ibmcloud.com/vulnerabilities/24706
Related
prion
prion
Code injection
2006-02-13 11:06:00
debiancve
debiancve
CVE-2006-0599
2006-02-13 11:06:00
nvd
nvd
CVE-2006-0599
2006-02-13 11:06:00
cve
cve
CVE-2006-0599
2006-02-13 11:06:00
openvas
openvas
Debian: Security Advisory (DSA-967-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 967-1 (elog)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-967-1 : elog - several vulnerabilities
2006-10-14 00:00:00
osv
osv
elog - several
2006-02-10 00:00:00
debian
debian
[SECURITY] [DSA 967-1] New elog packages fix arbitrary code execution
2006-02-10 06:04:26
[SECURITY] [DSA 967-1] New elog packages fix arbitrary code execution
2006-02-10 06:04:26