Описание
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| vsftpd | fixed | 2.0.1-1 | package |
Примечания
can't find any mention of the bug being fixed, but vsftpd doesn't
show the beaviour described in http://www.securitytracker.com/alerts/2004/Jan/1008628.html
Связанные уязвимости
nvd
около 22 лет назад
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.
github
почти 4 года назад
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.