OpenSSH 7.x < 7.3 Multiple Vulnerabilities

Binary data 9507.prm...

Design/Logic Flaw

The Intelligent Platform Management Interface IPMI implementation in the Blade Management Controller in Cisco Unified Computing System UCS allows remote attackers to enumerate valid usernames by observing IPMI interface responses, aka Bug ID CSCtg20761...

CVE-2012-5055

DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote attackers to enumerate valid usernames via a series of logi...

Cross site request forgery (csrf)

The forgotten mail interface in WordPress and WordPress MU before 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue,...

CVE-2009-1769

The web interface in Open Computer and Software Inventory Next Generation OCS Inventory NG 1.01 generates different error messages depending on whether a username is valid, which allows remote attackers to enumerate valid usernames...

CVE-2008-1618

The PPTP VPN service in Watchguard Firebox before 10, when performing the MS-CHAPv2 authentication handshake, generates different error codes depending on whether the username is valid or invalid, which allows remote attackers to enumerate valid usernames...