3 matches found
CVE-2004-1428
ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a password, which allows remote attackers to determine valid usernames...
ArGoSoft FTP Server USER Command Account Enumeration
The remote host is running the ArGoSoft FTP Server. The remote version of this software returns different error messages when a user attempts to log in using a nonexistent username or a bad password. An attacker may exploit this flaw to launch a dictionary attack against the remote host in order ...
CVE-2004-1428
ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a password, which allows remote attackers to determine valid usernames...