Описание
changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be entered, which allows remote attackers to guess passwords via a brute force attack.
changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be entered, which allows remote attackers to guess passwords via a brute force attack.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-0939
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17629
- http://marc.info/?l=bugtraq&m=109709990708794&w=2
- http://secunia.com/advisories/12752
- http://securitytracker.com/id?1011552
- http://www.gosecure.ca/SecInfo/gosecure-2004-10.txt
- http://www.osvdb.org/8365
EPSS
CVE ID
Связанные уязвимости
changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be entered, which allows remote attackers to guess passwords via a brute force attack.
EPSS