Описание
Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid username fails, compared to a request with an invalid username, which allows remote attackers to determine valid usernames on the system.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| chetcpasswd | removed | package |
EPSS
Процентиль: 74%
0.00849
Низкий
Связанные уязвимости
nvd
около 19 лет назад
Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid username fails, compared to a request with an invalid username, which allows remote attackers to determine valid usernames on the system.
github
почти 4 года назад
Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid username fails, compared to a request with an invalid username, which allows remote attackers to determine valid usernames on the system.
EPSS
Процентиль: 74%
0.00849
Низкий