82 matches found
qpopper user existance information leak
During USER/PASS authentication behaviour for invalid username and password is different...
Security Update for ISA Server 2006 Supportability Pack (KB 970811)
When publishing a Web server using forms-based authentication with Radius one-time password OTP as the credentials authority and Kerberos constrained delegation, it may be possible to bypass the form authentication and log on using invalid credentials...