Описание
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| proftpd | fixed | 1.2.10-4 | package |
EPSS
Процентиль: 74%
0.0083
Низкий
Связанные уязвимости
nvd
около 21 года назад
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response.
github
больше 3 лет назад
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response.
EPSS
Процентиль: 74%
0.0083
Низкий