3 matches found
CVE-2004-2398
Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5...
CVE-2004-2398
Vulnerability summary (CVE-2004-2398): Netenberg Fantastico De Luxe 2.8 stores database file names that reveal usernames because file names in the database directory are readable. This enables local attackers to enumerate valid usernames by listing files under /var/lib/mysql, where permissions we...
CVE-2004-2398
Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5...