3 matches found
CVE-2010-0216
authenticateadsetupfinished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter...
CVE-2010-0216
authenticateadsetupfinished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter...
CVE-2010-0216
Summary of CVE-2010-0216 (MediaCAST) Affected software: MediaCAST 8 and earlier. Issue: authenticate_ad_setup_finished.cfm reveals usernames and cleartext passwords by returning verbose error messages when using the UserID parameter, enabling an attacker to enumerate valid usernames and obtain cl...