3 matches found
Cisco IOS Locally Defined User Enumeration
It is possible to enumerate all locally defined users, which are used for authentication, on a Cisco IOS device if aaa new-model is not used. TRUSTED...
CVE-2003-0512
Cisco IOS 12.2 and earlier exposes a username-enumeration flaw: when an invalid username is entered, the device shows “% Login invalid” instead of prompting for a password, enabling remote attackers to identify valid usernames and perform brute-force password guessing. Affected product set includ...
CVE-2003-0512
Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge...