Lucene search
MitreCVELIST:CVE-2009-1293HistoryApr 16, 2009 - 3:00 p.m.
CVE-2009-1293
2009-04-1615:00:00
mitre
www.cve.org
6
The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
References
secunia.com/advisories/34714
www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7002997&sliceId=1&docTypeID=DT_TID_1_1&dialogID=33090060&stateId=1%200%2033084737
www.securityfocus.com/archive/1/502704/100/0/threaded
www.securityfocus.com/bid/34531
www.securitytracker.com/id?1022063
www.vupen.com/english/advisories/2009/1048
www.sec-consult.com/files/20090415-0-novell-teaming.txt
Related
nessus
nessus
Novell Teaming Login User Account Enumeration Weakness
2009-04-21 00:00:00
prion
prion
Code injection
2009-04-16 15:12:00
cve
cve
CVE-2009-1293
2009-04-16 15:12:57
nvd
nvd
CVE-2009-1293
2009-04-16 15:12:57
seebug
seebug
Novell Teaming用户枚举和跨站脚本漏洞
2009-04-16 00:00:00