3133 matches found
ProFTPD < 1.2.11 User Enumeration Vulnerability
ProFTPD is prone to a user enumeration vulnerability. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:proftpd:proftpd"; Ref: LS...
[SA17383] Ringtail CaseBook Cross-Site Scripting and Username Enumeration
TITLE: Ringtail CaseBook Cross-Site Scripting and Username Enumeration SECUNIA ADVISORY ID: SA17383 VERIFY ADVISORY: http://secunia.com/advisories/17383/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Exposure of system information WHERE: From remote SOFTWARE: Ringtail CaseBook 6.x...
Juniper Netscreen VPN user enumeration
Different reply for existing user in IKE...
CVE-2005-2591
Parlano MindAlign 5.0 and later versions allows remote attackers to list valid users via unknown vectors, aka the "User Enumeration" vulnerability...
CVE-2005-2591
Parlano MindAlign 5.0 and later versions allows remote attackers to list valid users via unknown vectors, aka the "User Enumeration" vulnerability...
CVE-2005-2591
Parlano MindAlign 5.0 and later versions are reported to be vulnerable to a User Enumeration flaw that allows remote attackers to list valid users via unknown vectors. The description confirms the affected product line but does not provide concrete exploit details, affected components, root cause...
Several Vulnerability Issues Affecting the MindAlign
NISCC Vulnerability Advisory 356752/NISCC/MINDALIGN Several Vulnerability Issues Affecting the MindAlign Product Version Information Advisory Reference 356752/NISCC/MINDALIGN Release Date 12 August 2005 Last Revision 12 August 2005 Version Number 1.0 What is Affected? The following versions of th...
CVE-2002-2014
Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks...
Tarantella Secure Global Desktop user enumeration
If RSA SecurID is used for authentication error messages differes for invalid username...
Portcullis Security Advisory 05-002 Spectrum Cash Receipting System Weak Password Encryption
Portcullis Security Advisory Vulnerable System: Spectrum Cash Receipting System Vulnerability Title: Spectrum Cash Receipting System Weak Password Protection Vulnerability. Vulnerability discovery and development: Portcullis Security Testing Services. Affected systems: All known versions of...
ArGoSoft FTP Server user enumeration
Server reports invalid username...
Nortel Networks Contivity VPN Client information leakage vulnerability
Name: User Account Enumeration in Nortel Contivity VPN Vendor: Nortel Networks Products Affected: Nortel Networks Contivity VPN Client Type: Remote User Account Enumeration Severity: Medium I. Overview The Nortel Networks Contivity VPN Client authentication error message provides more information...
ProFTPD < 1.2.11 Remote User Enumeration
Binary data 2393.prm...
ProFTPD <= 1.2.10 Remote Users Enumeration Exploit
Exploit for linux platform in category remote exploits ================================================== ProFTPD include include include include define PORT 21 define PROBE 8 main int argc, char argv int sock,n,y; long dist,stat=0; struct sockaddrin sin; char buf1024, buf21024; struct timeval t...
ProFTPd 1.2.10 - Remote Users Enumeration
ProFTPd 1.2.10 - Remote Users Enumeration / Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis...
ProFTPD <= 1.2.10 Remote Users Enumeration Exploit
No description provided by source. / Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at...
serenaTeam.txt
Serena Software's TeamTrack Sensitive Content Disclosure Summary "Serena TeamTrack is a Web-architected, secure and highly configurable enterprise process management solution". We have discovered a security flaw with which a remote attacker can disclosure sensitive information off a TeamTrack...
Multiple bugs in Mondosoft Mondosearch
DoS, request proxying, user enumeration...
[Full-Disclosure] MondoSoft - User enumeration possible
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - User enumeration possible Application : MondoSearch versions prior to 5.1b Author: Uffe Nielsen uni at protego.dk Advisory URL: http://www.protego.dk/advisories/200404.html Vendor Name: MondoSoft Vendor URL: http://www.mondosoft.com...
DEBIAN-CVE-2004-0042
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames...