|
|
CVE Reference: CVE-2004-1602 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1602 |
|
|
Description: ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/17724 ST 1011687 MISC http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=109786760926133&w=2 BID 11430 |
|
| Return to the previous page. |
