Описание
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| vsftpd | fixed | 2.0.1-1 | package |
Примечания
can't find any mention of the bug being fixed, but vsftpd doesn't
show the beaviour described in http://www.securitytracker.com/alerts/2004/Jan/1008628.html
EPSS
Процентиль: 57%
0.00346
Низкий
Связанные уязвимости
nvd
больше 21 года назад
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.
github
больше 3 лет назад
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.
EPSS
Процентиль: 57%
0.00346
Низкий