Описание
my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to confirm the validity of an LDAP account.
my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to confirm the validity of an LDAP account.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-0195
- https://tech.f5.com/home/solutions/sol6923.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051651.html
- http://secunia.com/advisories/23627
- http://www.mnin.org/advisories/2007_firepass.pdf
- http://www.osvdb.org/32736
- http://www.securityfocus.com/bid/21957
EPSS
CVE ID
Связанные уязвимости
my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to confirm the validity of an LDAP account.
EPSS